UNPKG

ethercalc

Version:

Multi-User Spreadsheet Server

ethercalc.net

audreyt/ethercalc

73 lines (65 loc) 2.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# Sample VirtualHost configuration file for EtherCalc under Apache # Permissions are granted # * for all sheets: to users belonging to # cn=ethercalc,ou=groups,dc=example,dc=com group # * for single sheet: to users belonging to subgroup of # cn=ethercalc,ou=groups,dc=example,dc=com group. Name of this # subgroup determines the name of sheet user has access to. # e.g. member of cn=diner,cn=ethercalc,ou=groups,dc=example,dc=com # has access to https://ethercalc.example.com/diner sheet. # # Note: duplicated AuthLDAP directives should be removed using # AuthnProviderAlias. Unfortunately it does not seem to work as of # Apache 2.4.9 #<AuthnProviderAlias ldap ethercalc> # AuthBasicProvider ldap # AuthLDAPBindDN "cn=apache,dc=example,dc=com" # AuthLDAPBindPassword <password> # AuthLDAPURL ldap://localhost/ou=people,dc=example,dc=com?uid #</AuthnProviderAlias> <VirtualHost 1.2.3.4:443> ServerName ethercalc.example.com ErrorLog /var/log/apache2/ethercalc-ssl_error_log TransferLog /var/log/apache2/ethercalc-ssl_access_log CustomLog /var/log/apache2/ethercalc-ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" ProxyRequests Off ProxyPass / http://127.0.0.1:8000/ <Location /> Require all denied </Location> # Files referred to by Ethercalc sheet <LocationMatch '^/[^/]+/[^/]*$' > AuthType Basic AuthName "EtherCalc" AuthBasicProvider ldap AuthLDAPBindDN "cn=apache,dc=example,dc=com" AuthLDAPBindPassword <password> AuthLDAPURL ldap://localhost/ou=people,dc=example,dc=com?uid #AuthBasicProvider ethercalc SetEnvIf Referer "^https://[^/]+/([^/]+)$" CALC_REFERRAL=$1 <RequireAny> Require ldap-group cn=ethercalc,ou=groups,dc=example,dc=com Require ldap-group cn=%{unescape:%{env:CALC_REFERRAL}},cn=ethercalc,ou=groups,dc=example,dc=com </RequireAny> </LocationMatch> # Ethercalc sheet <LocationMatch '^/(?<CALCNAME>[^/]+)$' > AuthType Basic AuthName "EtherCalc" AuthBasicProvider ldap AuthLDAPBindDN "cn=apache,dc=example,dc=com" AuthLDAPBindPassword <password> AuthLDAPURL ldap://localhost/ou=people,dc=example,dc=com?uid #AuthBasicProvider ethercalc <RequireAny> Require ldap-group cn=ethercalc,ou=groups,dc=example,dc=com Require ldap-group cn=%{unescape:%{env:MATCH_CALCNAME}},cn=ethercalc,ou=groups,dc=example,dc=com </RequireAny> </LocationMatch> #LogLevel authz_core:trace1 SSLEngine on SSLCertificateFile /etc/ssl/apache2/server.crt SSLCertificateKeyFile /etc/ssl/apache2/server.key </VirtualHost> # vim: ts=4 filetype=apache