Menu
▾
▴
Re: [Bodington-developers] Abolute URLs - Bug or Bug Fix?
|
From: Matthew B. <mat...@ou...> - 2006-10-02 15:00:44
|
Jon Maber wrote: > Matthew Buckett wrote: >> The primary advantage is that you no longer have to configure Bodington >> to get it running. This makes the quickstart just work. It also means if >> you decide to change the hostname that Bodington is deployed under you >> don't have to perform any reconfiguration other than to your servlet >> container. >> > So how about one or two extra bodington.properties entries for my use? Why not just use the ones that were defined before? >> Why would you want to serve a Website up under several names? >> I can see this may have been an argument 5 years ago when there where >> clients that didn't support HTTP/1.0 and so didn't work with virtual >> hosts but this is 2006. Hosting a website under multiple domains leaves >> you a little exposed to spoofing attacks as users no longer rely on >> looking at the URL bar to determine if they are at the correct site. >> > You may not _want_ to have multiple names but sometimes you don't get a > choice. My problem is that the server is also 'localhost' which I was > using in my Apache configuration. However the problem for others is > that the official name might change - e.g. Bodington Common at Leeds was > on www.fldu.leeds.ac.uk but a new name vle.leeds.ac.uk was adopted. Redirects are a much better way of handling this as it prevents people from bookmarking the old hostname. > The > old alias is needed to handle links into the VLE from other web sites > but the new name is the official one. The multiple names will also > occur if the physical server has multiple functions, e.g. > mail.uni.ac.uk, www.uni.ac.uk etc. The configured server name forces > the user to access the proper url. With any half decent web server you have the choice over what content is served up for a particular domain. >> I can see that this is a valid use of the old setup and hadn't though of it. >> >> It should be reasonably easy to support using the bodington.properties >> if they are set and if not falling back the request properties. >> > That would also require a change to the setup servlet since setting the > port numbers and server name seems to be compulsory. That should be a bug then as I was under the impression that they were optional. >> Have you considered using AJP rather than mod_proxy which will preserve >> the orginal URLs (I believe) so you don't hit this problem. >> >> http://tomcat.apache.org/tomcat-5.5-doc/connectors.html >> > I did and I can't remember why I rejected it. Possible because mod_proxy > is very easy to set up. Ok. >> It was previously an undocumented feature ;-) >> > O.K., how about this; change the text of the setup servlet to indicate > that the server name is only required if the users could access the > server using multiple names. Then the code that constructs absolute > URLs for inclusion in HTML can use the server name in the properties > file but if not set use the server name in the request. Similarly the > port numbers - use the values from the properties file if available. Yep. > There is still a problem with your no-configuration option. When the > user is switched from non-secure to secure for their password how can > you determine the right port number if it isn't configured by the > sysadmin using setup servlet? The quickstart doesn't switch to https. -- -- Matthew Buckett, VLE Developer -- Learning Technologies Group, Oxford University Computing Services -- Tel: +44 (0)1865 283660 http://www.oucs.ox.ac.uk/ltg/ |
