-PerlAccessHandler Apache::lonacc
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
SetHandler perl-script
-PerlHandler Apache::lonassignments
+PerlHandler Apache::lonpreferences
ErrorDocument 403 /adm/login
-ErrorDocument 406 /adm/roles
ErrorDocument 500 /adm/errorhandler
-PerlAccessHandler Apache::lonacc
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
SetHandler perl-script
PerlHandler Apache::loncommunicate
ErrorDocument 403 /adm/login
@@ -711,26 +1340,33 @@ ErrorDocument 500 /adm/errorhandler
-PerlAccessHandler Apache::lonacc
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
SetHandler perl-script
PerlHandler Apache::lonsearchcat
PerlCleanupHandler Apache::lonsearchcat::cleanup
+PerlCleanupHandler Apache::lonacc::cleanup
ErrorDocument 403 /adm/login
ErrorDocument 413 /adm/overloaded.txt
ErrorDocument 500 /adm/errorhandler
-PerlAccessHandler Apache::lonacc
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
SetHandler perl-script
-PerlHandler Apache::lonnavmaps
+PerlHandler Apache::lonnavdisplay
ErrorDocument 403 /adm/login
ErrorDocument 406 /adm/roles
ErrorDocument 500 /adm/errorhandler
-PerlAccessHandler Apache::lonacc
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
SetHandler perl-script
PerlHandler Apache::lonquickgrades
ErrorDocument 403 /adm/login
@@ -739,96 +1375,141 @@ ErrorDocument 500 /adm/errorhandler
-PerlAccessHandler Apache::lonacc
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
SetHandler perl-script
PerlHandler Apache::groupsort
PerlCleanupHandler Apache::groupsort::cleanup
+PerlCleanupHandler Apache::lonacc::cleanup
ErrorDocument 403 /adm/login
ErrorDocument 500 /adm/errorhandler
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonwishlistdisplay
+ErrorDocument 403 /adm/login
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+
+
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonblockingmenu
+ErrorDocument 403 /adm/login
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+
+
+
+PerlAccessHandler Apache::publiccheck
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonblockingstatus
+
+
SetHandler perl-script
PerlHandler Apache::lonerrorhandler
-PerlAccessHandler Apache::lonacc
+AuthType LONCAPA
+Require valid-user
+PerlAccessHandler Apache::publiccheck
+PerlAuthzHandler Apache::lonacc
SetHandler perl-script
PerlHandler Apache::lonhelp
+ErrorDocument 500 /adm/errorhandler
-# ------------------------------------------------- Backdoor Adm Tests/Programs
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonhelpmenu
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
-
+
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonsupportreq
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
-
+
+SetHandler perl-script
+PerlHandler Apache::lonsupportreq
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
-
+
+SetHandler perl-script
+PerlHandler Apache::loncss
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
-
+
+SetHandler perl-script
+PerlHandler Apache::coursecatalog
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
-
+
+SetHandler perl-script
+PerlHandler Apache::resetpw
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "harvest"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user reaper
-
+
+SetHandler perl-script
+PerlHandler Apache::selfenroll
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "Offline"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user offline
-
+
+SetHandler perl-script
+PerlHandler Apache::createaccount
+ErrorDocument 500 /adm/errorhandler
+
-
-AuthName "Offline"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user offline
-
+
+SetHandler perl-script
+PerlHandler Apache::londns
+ErrorDocument 500 /adm/errorhandler
+
+
+
+SetHandler perl-script
+PerlHandler Apache::spellcheck
+
+
+
+
+# ------------------------------------------------- Backdoor Adm Tests/Programs
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
+PerlAccessHandler Apache::lonstatusacc
SetHandler perl-script
-PerlAccessHandler Apache::lonacc
PerlHandler Apache::lontest
# ------------------------------------------------------- Shutting down a child
-PerlChildExitHandler Apache::lonnet::goodbye
+PerlChildExitHandler Apache::lonacc::goodbye
#
# LON-CAPA Section (extensions to access.conf permission configuration)
@@ -840,6 +1521,41 @@ PerlChildExitHandler Apache::lonnet::goo
Options None
AllowOverride None
+
+ Require all denied
+
+
+ order deny,allow
+ deny from all
+
+
+
+# Allow uploaded files to be served
+
+
+Options Includes FollowSymLinks
+AllowOverride None
+
+ Require all granted
+
+
+ order allow,deny
+ allow from all
+
+
+
+# Allow construction space files to be served
+
+
+Options Includes FollowSymLinks
+AllowOverride
+
+ Require all granted
+
+
+ order allow,deny
+ allow from all
+
# Yes to symbolic links and server-side includes
@@ -847,61 +1563,141 @@ AllowOverride None
Options Includes FollowSymLinks
AllowOverride None
-order allow,deny
-allow from all
+
+ Require all granted
+
+
+ order allow,deny
+ allow from all
+
# If it is in cgi-bin, then it can be executed as a CGI script.
AllowOverride None
-Options ExecCGI
+Options ExecCGI FollowSymLinks
+
+ Require all granted
+
+
+ order allow,deny
+ allow from all
+
+# Allow serving of files in prtspool
+
+
+Options Includes FollowSymLinks
+AllowOverride None
+
+ Require all granted
+
+
+ order allow,deny
+ allow from all
+
+
+
+# Allow serving of files in zipspool
+
+
+Options Includes FollowSymLinks
+AllowOverride None
+
+ Require all granted
+
+
+ order allow,deny
+ allow from all
+
+
+
+# Allow serving of files in captchaspool
+
+
+Options Includes FollowSymLinks
+AllowOverride None
+
+ Require all granted
+
+
+ order allow,deny
+ allow from all
+
+
+
+
+ DirectoryIndex disabled
+
+
+
+ DirectoryIndex disabled
+
+
# ============================================================= Access Handlers
# ------------------------------------------------- Allow server-status reports
+PerlAccessHandler Apache::lonstatusacc
SetHandler server-status
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
# ------------------------ Allow LON-CAPA "low-level" connection status reports
-
-AuthName "LON-CAPA Network Administration"
-AuthType Basic
-AuthUserFile /home/httpd/lonTabs/htpasswd
-require user lonadm
-
+
+PerlAccessHandler Apache::lonstatusacc
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+
# ------------------- Allow access to local system documentation from localhost
Alias /doc /usr/doc
-order deny,allow
-deny from all
-allow from localhost
Options Indexes FollowSymLinks
+
+ Require local
+
+
+ order deny,allow
+ deny from all
+ allow from localhost
+
# ******** THESE "SHOULD" NEVER BE ALTERED BY THE USER ************************
# ====================================== Internal Settings / Perl Configuration
-PerlSetVar lonVersion ''
+PerlSetVar lonVersion ''
PerlSetVar lonIDsDir /home/httpd/lonIDs
+PerlSetVar lonDAVsessDir /home/httpd/webdav/sessionIDs
PerlSetVar lonTabDir /home/httpd/lonTabs
PerlSetVar lonUsersDir /home/httpd/lonUsers
PerlSetVar lonIconsURL /adm/lonIcons
PerlSetVar londPort 5663
-PerlSetVar lonSysEMail korte@lite.msu.edu
+PerlSetVar lonSysEMail techsupport@loncapa.org
PerlSetVar lonDaemons /home/httpd/perl
+PerlSetVar lonLib /home/httpd/lib
PerlSetVar lonSockDir /home/httpd/sockets
+PerlSetVar lonSockCreate /home/httpd/sockets/common
PerlSetVar lonDocRoot /home/httpd/html
+PerlSetVar lonPrtDir /home/httpd/prtspool
PerlSetVar lonIncludes /home/httpd/html/res/adm/includes
-PerlSetVar lonBrowsDet netscape:mozilla:msie:mozilla\/(\d+\.\d+)\s:9999:9999&explorer:msie:netscape:msie\s(\d+\.\d+)\;:9999:9999&mozilla:mozilla\/[5-9]:msie:mozilla\/(\d+\.\d+)\s:9999:1&amaya:amaya:mozilla:V(\d+\.\d+)\s:1:1
-PerlSetVar lonTextBrowsers opera:windows\s+ce:lynx
+PerlSetVar lonZipDir /home/httpd/zipspool
+PerlSetVar lonCaptchaDir /home/httpd/captchaspool
+PerlSetVar lonCaptchaDb /home/httpd/captchadb
+PerlSetVar lonFontsDir /home/httpd/html/adm/fonts
+# & separated list of % separated fields in order of
+# - internal name to call it,
+# - regexp that it should match (done case-insensitively)
+# - regexp that is should not match (done case-insensitively)
+# - regexp that will pull out the version number into $1
+# - a number that describes the minimum version that has mathml support
+# - a number that describes the minimum number version that has unicode support
+
+PerlSetVar lonBrowsDet explorer%msie%netscape%msie\s(\d+\.\d+)\;%9999%5&mozilla%mozilla\/[5-9]%msie%mozilla\/(\d+\.\d+)\s%9999%1&netscape%netscape%msie%netscape\/(\d+\.\d+)%9999%7&netscape%netscape\/[7-9]%shouldnotmatch%netscape\/(\d+\.\d+)%9999%7&amaya%amaya%mozilla%V(\d+\.\d+)\s%1%1&safari%safari%msie%safari\/([\d\.]+)%9999%84&chrome%chrome%chromeframe%\s+chrome\/(\d+\.\d+)%9999%1&explorer%\s+rv\:\d+\.\d+%firefox%\s+rv\:(\d+\.\d+)%9999%5&opera%\sOPR\/\d+\.\d+%shouldnotmatch%\sOPR\/(\d+\.\d+)%9999%6&opera%^Opera\/9.80\s.+Version\/\d+\.\d+$%shouldnotmatch%Version\/(\d+\.\d+)$%9999%6&opera%^Opera\/\d+\.\d+\s%Version\/\d+\.\d+$%^Opera\/(\d+\.\d+)\s%9999%6
+
+PerlSetVar lonTextBrowsers windows\s+ce:lynx
PerlSetVar lonScansDir /home/httpd/scantron
PerlSetVar lonScriptTimeout 10
PerlSetVar BugzillaHost http://bugs.lon-capa.org/
@@ -915,12 +1711,8 @@ PerlSetVar FAQHost http://help.lon-capa
PerlSetVar lonSqlAccess localhostkey
-# -----------------------------------------------------------------------------
-# lonttpdPort is the port used by the lightweight graphics httpd server
-# not the main Apache server
-PerlSetVar lonhttpdPort 8080
-
-
+#----------------------------------------------------------------------------
+#
# Parameters used by secure lond/lonc
#
@@ -964,7 +1756,34 @@ PerlSetVar lonnetPrivateKey lonK
# Did we mention that the file described above must have
# permissions really locked down so that it can't be stolen?
+#-------------------------------------------------------------------------
+
+# Parameters that define where all the ssl stuff is that's needed
+# to generate certificate requests and, on a system that's a CA
+# the certificate authority.
+#
+# SSLProgram -> Path to the openssl command
+# SSLDirectory -> Directory containing ssl configuration files etc.
+# SSLCAConfig -> Name of the SSL config file for the certificate
+# Authority.
+# SSLCAFile -> Full path to the Certificate authority file
+# (on the cert manager system).
+# SSLEmail -> E-mail address of loncapa certificate manager.
+# The following are good for the loncapa redhat installs and
+# the loncapa certificate authority system:
+#
+PerlSetVar SSLProgram /usr/bin/openssl
+PerlSetVar SSLDirectory /usr/share/ssl
+PerlSetVar SSLCAConfig loncapaca
+PerlSetVar SSLCAFile /usr/share/ssl/loncapaca/cacert.pem
+PerlSetVar SSLEmail certificate@lon-capa.org
+
+#-------------------------------------------------------------------------
+
+
+# ====================================== Include support for SSL rewrites
+Include conf/loncapa_rewrite.conf
# ====================================== Include machine-specific configuration
500 Internal Server Error
Internal Server Error
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator at
root@localhost to inform them of the time this error occurred,
and the actions you performed just before this error.
More information about this error may be available
in the server error log.