From: Jason J. <su...@bu...> - 2005-06-29 14:38:18
|
I'm trying to use Usermin to provide web based access to a Samba file server. I'd prefer not to have to open up connections from the world to this server though. We have a web server that is by definition open to the world. If possible, I'd like to somehow get Usermin to run on it and the File Manager module actually access the files on the Samba server. That way, the Samba server only has to open up connections from the web server. I've seen that there is some Webmin clustering stuff. Is it capable of doing this? If not, does anyone have any other suggestions? Maybe some sort of proxy running on the web server? Thanks, Jason Joines ================================= |
From: Jamie C. <jca...@we...> - 2005-06-29 23:35:10
|
On Thu, 2005-06-30 at 00:38, Jason Joines wrote: > I'm trying to use Usermin to provide web based access to a Samba > file server. I'd prefer not to have to open up connections from the > world to this server though. We have a web server that is by definition > open to the world. If possible, I'd like to somehow get Usermin to run > on it and the File Manager module actually access the files on the Samba > server. That way, the Samba server only has to open up connections from > the web server. I've seen that there is some Webmin clustering stuff. > Is it capable of doing this? If not, does anyone have any other > suggestions? Maybe some sort of proxy running on the web server? One solution would be to setup your external web server to proxy requests to the /file URL path to the Usermin server. This can be done with Apache directives like : ProxyPass /file/ http://userminserver:20000/file/ ProxyPassReverse /file/ http://userminserver:20000/file/ - Jamie |
From: Jason J. <su...@bu...> - 2005-06-30 20:11:09
|
Jamie Cameron wrote: >On Thu, 2005-06-30 at 00:38, Jason Joines wrote: > > >> I'm trying to use Usermin to provide web based access to a Samba >>file server. I'd prefer not to have to open up connections from the >>world to this server though. We have a web server that is by definition >>open to the world. If possible, I'd like to somehow get Usermin to run >>on it and the File Manager module actually access the files on the Samba >>server. That way, the Samba server only has to open up connections from >>the web server. I've seen that there is some Webmin clustering stuff. >>Is it capable of doing this? If not, does anyone have any other >>suggestions? Maybe some sort of proxy running on the web server? >> >> > >One solution would be to setup your external web server to proxy >requests to the /file URL path to the Usermin server. This can be done >with Apache directives like : > >ProxyPass /file/ http://userminserver:20000/file/ >ProxyPassReverse /file/ http://userminserver:20000/file/ > > - Jamie > > > I've started playing with that but haven't made a lot of progress yet. Within my Apache SSL Virtual Host I tried this: SSLProxyEngine on ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass /ourfiles/* https://userminserver:20000/* ProxyPassReverse /ourfiles/* https://userminserver:20000/* That worked to bring up the login screen but as soon as you tried to login it would fail because it would try to pull up https://apacheserver/pam_login.cgi. So, I tried using the proxy through mod_rewrite instead: RewriteRule ^/ourfiles(.*)$ https://userminserver:20000/$1 [P] RewriteRule ^/pam_login.cgi(.*)$ https://userminserver:20000/$1 [P] This got a little further as it got a warning about referers. I tried to add the refering site to trusted referers but it got into some sort of circle where usermin would be refering to itself. I disabled referer checking. Now when you enter your username and select Continue, it just takes you right back to the same page to enter your username. I guess sessions are getting lost or something. Thanks for the tip though. As soon as I get something working I'll post it. Jason =========== |
From: Jamie C. <jca...@we...> - 2005-06-30 23:56:36
|
On Fri, 2005-07-01 at 06:11, Jason Joines wrote: > Jamie Cameron wrote: > > >On Thu, 2005-06-30 at 00:38, Jason Joines wrote: > > > > > >> I'm trying to use Usermin to provide web based access to a Samba > >>file server. I'd prefer not to have to open up connections from the > >>world to this server though. We have a web server that is by definition > >>open to the world. If possible, I'd like to somehow get Usermin to run > >>on it and the File Manager module actually access the files on the Samba > >>server. That way, the Samba server only has to open up connections from > >>the web server. I've seen that there is some Webmin clustering stuff. > >>Is it capable of doing this? If not, does anyone have any other > >>suggestions? Maybe some sort of proxy running on the web server? > >> > >> > > > >One solution would be to setup your external web server to proxy > >requests to the /file URL path to the Usermin server. This can be done > >with Apache directives like : > > > >ProxyPass /file/ http://userminserver:20000/file/ > >ProxyPassReverse /file/ http://userminserver:20000/file/ > > > > - Jamie > > > > > > > > I've started playing with that but haven't made a lot of progress > yet. Within my Apache SSL Virtual Host I tried this: > > SSLProxyEngine on > ProxyRequests Off > <Proxy *> > Order deny,allow > Allow from all > </Proxy> > ProxyPass /ourfiles/* https://userminserver:20000/* > ProxyPassReverse /ourfiles/* https://userminserver:20000/* I don't think you need to have those *'s at the end.. > That worked to bring up the login screen but as soon as you tried to > login it would fail because it would try to pull up > https://apacheserver/pam_login.cgi. > > So, I tried using the proxy through mod_rewrite instead: > > RewriteRule ^/ourfiles(.*)$ https://userminserver:20000/$1 [P] > RewriteRule ^/pam_login.cgi(.*)$ https://userminserver:20000/$1 [P] > > This got a little further as it got a warning about referers. I > tried to add the refering site to trusted referers but it got into some > sort of circle where usermin would be refering to itself. > > I disabled referer checking. Now when you enter your username and > select Continue, it just takes you right back to the same page to enter > your username. I guess sessions are getting lost or something. > > Thanks for the tip though. As soon as I get something working I'll > post it. There are a couple more settings you may need to make in Usermin - in the file /etc/usermin/config , add the lines : webprefix=/ourfiles webprefixnoredir=1 - Jamie |
From: Jason J. <su...@bu...> - 2005-07-07 19:26:46
|
Jamie Cameron wrote: >On Fri, 2005-07-01 at 06:11, Jason Joines wrote: >>Jamie Cameron wrote: >> >>>On Thu, 2005-06-30 at 00:38, Jason Joines wrote: >>> >>> >>>> I'm trying to use Usermin to provide web based access to a Samba >>>>file server. I'd prefer not to have to open up connections from the >>>>world to this server though. We have a web server that is by definition >>>>open to the world. If possible, I'd like to somehow get Usermin to run >>>>on it and the File Manager module actually access the files on the Samba >>>>server. That way, the Samba server only has to open up connections from >>>>the web server. I've seen that there is some Webmin clustering stuff. >>>>Is it capable of doing this? If not, does anyone have any other >>>>suggestions? Maybe some sort of proxy running on the web server? >>>> >>>> >>>One solution would be to setup your external web server to proxy >>>requests to the /file URL path to the Usermin server. This can be done >>>with Apache directives like : >>> >>>ProxyPass /file/ http://userminserver:20000/file/ >>>ProxyPassReverse /file/ http://userminserver:20000/file/ >>> >>>- Jamie >>> >>> >>> >> I've started playing with that but haven't made a lot of progress >>yet. Within my Apache SSL Virtual Host I tried this: >> >>SSLProxyEngine on >>ProxyRequests Off >> <Proxy *> >> Order deny,allow >> Allow from all >> </Proxy> >>ProxyPass /ourfiles/* https://userminserver:20000/* >>ProxyPassReverse /ourfiles/* https://userminserver:20000/* > >I don't think you need to have those *'s at the end.. > >> That worked to bring up the login screen but as soon as you tried to >>login it would fail because it would try to pull up >>https://apacheserver/pam_login.cgi. >> >> So, I tried using the proxy through mod_rewrite instead: >> >>RewriteRule ^/ourfiles(.*)$ https://userminserver:20000/$1 [P] >>RewriteRule ^/pam_login.cgi(.*)$ https://userminserver:20000/$1 [P] >> >> This got a little further as it got a warning about referers. I >>tried to add the refering site to trusted referers but it got into some >>sort of circle where usermin would be refering to itself. >> >> I disabled referer checking. Now when you enter your username and >>select Continue, it just takes you right back to the same page to enter >>your username. I guess sessions are getting lost or something. >> >> Thanks for the tip though. As soon as I get something working I'll >>post it. > >There are a couple more settings you may need to make in Usermin - in >the file /etc/usermin/config , add the lines : > >webprefix=/ourfiles >webprefixnoredir=1 > > - Jamie Adding those two lines did the trick. Is there somewhere I should be looking to find these nifty little extras before I post to this list? Here is the proxy configuration I'm using now: SSLProxyEngine on ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass /ourfiles http://userminserver:10 ProxyPassReverse /ourfiles http://userminserver:10 I had to disable SSL on the usermin box as using it with Usermin and on the Apache proxy server used so much CPU that transfer speeds became unusable. I still have one more little problem to iron out. At the moment, Usermin is configured to display four modules as soon as the user logs in, Disk Quotas, File Manager, Group Drive, and Home Drive. However, the images are missing for each one. If I go into the Disk Quotas module and then back to the main page, the images are still missing. The Apache error log shows: File does not exist: /local/secdocs/images, referer: https://apacheserver/ourfiles File does not exist: /local/secdocs/quota, referer: https://apacheserver/ourfiles File does not exist: /local/secdocs/file, referer: https://apacheserver/ourfiles File does not exist: /local/secdocs/file3, referer: https://apacheserver/ourfiles File does not exist: /local/secdocs/file2, referer: https://apacheserver/ourfiles However, if I go into the File Manager module or either of it's clones and back to the main page, the images display fine. Any ideas? Jason =========== |