See the Mailing Lists Page for how to subscribe and unsubscribe.
eprints_tech messages
Please note: this page shows emails that have been sent to the eprints_tech mailing list. Some of these may be spam emails we have failed to filter.
[EP-tech] https, again
From: Peter Schober <peter.schober AT univie.ac.at>
Date: Fri, 13 Apr 2007 20:30:05 +0200
| Threading: | • This Message → Re: [EP-tech] https, again from peter.schober AT univie.ac.at → Re: [EP-tech] https, again from itsupport AT history.ox.ac.uk → Re: [EP-tech] https, again from peter.schober AT univie.ac.at → Re: [EP-tech] https, again from peter.schober AT univie.ac.at → Re: [EP-tech] https, again from itsupport AT history.ox.ac.uk → Re: [EP-tech] https, again from tmb AT ecs.soton.ac.uk → Re: [EP-tech] https, again from peter.schober AT univie.ac.at → Re: [EP-tech] https, again from tmb AT ecs.soton.ac.uk → Re: [EP-tech] https, again from itsupport AT history.ox.ac.uk → [EP-tech] https again from Jean-Marie.Lebechec AT inp-toulouse.fr |
*** EPrints technical list - http://software.eprints.org/tech.php/ *** EPrints community wiki - http://wiki.eprints.org/ eprints 3.0, debian stable (etch), apache2.2, trying to setup HTTPS, everything according to the wiki page at http://wiki.eprints.org/w/HTTPS I configured a securehost ('eprints.example.org'; the same as for the main apache vhost I configured for eprints) and secure path ('/secure') in 10_core.pl, generated the secure.xml template changing $base_url for image/CSS/JS to $secure_url, changed bin/generate_static to generate relative paths (cf. end of the wiki page), generated apache configs, included the generated config in a vhost wrapper, restarted, etc. everything like in the wiki; changed $c->{secure_urlpath} in 20_baseurls.pl to "/secure" (from "" in the wiki) for some ↵ reason, but this does not seem to make a difference now? I could start the deposit of an eprint, but then got thrown back to the "Manage deposits" screen: all actions do not work (e.g. trying to "destroy item") possibly because the form still has an action for http:// ? this seems to come from $self->{processor}->{url} in render_form() in /opt/eprints3/perl_lib/EPrints/Plugin/Screen.pm. I added a Data::Dumper statement to print $self (which got me some 30000+ lines of a dump) but I couldn't easily locate where in eprints this 'url' got set. so ↵ https://eprints.example.org/secure/cgi/users/home?screen=EPrint%3A%3ARemove&eprintid=4&_action_null=Destroy+item contains <form method="post" accept-charset="utf-8" ↵ action="http://eprints.example.org/cgi/users/home#t" ↵ enctype="multipart/form-data"> which produces an ugly browser warning, of course. but maybe it's also preventing the actions from working? where do I change this cleanly? does this work OK for everyone else (so is this a problem with my setup)? config files (cfg/cfg.d/ and apache configs) on request. also I had to include more than just the generated auto-secure.conf file in the HTTPS-vhost for eprints to work: DocumentRoot /opt/eprints3/archives/ARCHIVEID/html/en/ Include /opt/eprints3/archives/ARCHIVEID/var/auto-secure.conf PerlSetVar EPrints_Dir_SecuredCGI /opt/eprints3/cgi/users PerlSetVar EPrints_Dir_Documents /opt/eprints3/archives/ARCHIVEID/documents but this could be specific to debian/whatever? I could add this to the wiki but would like to hear about others' security and vhost configs first. regards, -p.schober -- peter.schober AT univie.ac.at - vienna university computer center Universitaetsstrasse 7, A-1010 Wien, Austria/Europe Tel. +43-1-4277-14155, Fax. +43-1-4277-9140
[index] [prev] [next] [options] [help]