#---------------------------------------
# Admin HTTP server configuration
#---------------------------------------
#---------------------------------------
# General setup directives
#---------------------------------------
HotBackup Off
ThreadsPerChild 5
CgiConvMode %%EBCDIC/EBCDIC%%
HostNameLookups Off
UseCanonicalName On
KeepAlive Off
DocumentRoot /
AddLanguage en .en
LogMaint logs/error_log 5 0
#---------------------------------------
# HTTP Server administration
#---------------------------------------
RewriteEngine On
RewriteRule ^/QIBM/HTTPSVR/Admin/qzhafrnt.ndm/frontpage$ /HTTPAdmin [R]
RewriteRule ^/QIBM/HTTPSVR/Admin/qzhamain.ndm/mainpage$ /HTTPAdmin [R]
RewriteRule ^/QSYS.LIB/QTCPCGI.LIB/QTMHICFP.PGM$ /QIBM/HTTPSVR/Admin/qzhafrnt.ndm/frontpage [R]
RewriteRule ^/QSYS.LIB/QTCPCGI.LIB/QTMHICFP.PGM/$ /QIBM/HTTPSVR/Admin/qzhafrnt.ndm/frontpage [R]
Alias /HTTPA/ /QIBM/ProdData/HTTPA/admin/www/
Alias /HTTPAU/ipp/www/ /QIBM/UserData/HTTPA/admin/www/ipp/
Alias /HTTPAU/ /QIBM/UserData/HTTPA/admin/www/
Alias /QIBM/HTTPSVR/Admin/ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protect/HTTPSVR/Macro/
Alias /QIBM/HTTPSVR/ /QIBM/ProdData/HTTP/Protect/HTTPSVR/HTML/
AliasMatch ^/reports/(.*).ndm/(.*)$ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protect/HTTPSVR/Macro/$1.ndm/$2
AliasMatch ^/reports/(.*).class$ /QIBM/ProdData/HTTP/Protect/HTTPSVR/reports/$1.class
Alias /reports/java/ /QIBM/ProdData/HTTP/Protect/HTTPSVR/reports/java/
Alias /reports/ /QIBM/UserData/HTTPSVR/reports/
<Location /HTTPAdmin>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Location>
<LocationMatch ^/mmconsole/cmd=(.*)>
order allow,deny
allow from all
</LocationMatch>
<LocationMatch ^/mmconsole/ap(.*)>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</LocationMatch>
<Directory /QIBM/ProdData/HTTPA/admin/www>
order allow,deny
allow from all
</Directory>
<Directory /QIBM/UserData/HTTPA/admin/www>
order allow,deny
allow from all
</Directory>
<Directory /QIBM/ProdData/HTTP/Protect/HTTPSVR/HTML>
order allow,deny
allow from all
</Directory>
<Directory /QIBM/ProdData/HTTP/Protect/HTTPSVR/reports>
order deny,allow
deny from all
<Files .class>
order allow,deny
allow from all
</Files>
</Directory>
<Directory /QIBM/ProdData/HTTP/Protect/HTTPSVR/reports/java>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Directory>
<Directory /QIBM/UserData/HTTPSVR/reports>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Directory>
<Directory /QIBM/ProdData/HTTP/Public>
order allow,deny
allow from all
</Directory>
#---------------------------------------
# Task Page
#---------------------------------------
AliasMatch ^/$ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protect/OS400/Macro/qyunmain.ndm/main0
AliasMatch ^/AS400TASKS$ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protect/OS400/Macro/qyunmain.ndm/main0
AliasMatch ^/QIBM/AS400TASK/HELP$ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protect/OS400/Macro/qyunmain.ndm/help0
Alias /QIBM/OS400/ /QIBM/ProdData/HTTP/Protect/OS400/HTML/
<Directory /QIBM/ProdData/HTTP/Protect/OS400/HTML>
order allow,deny
allow from all
</Directory>
#---------------------------------------
# Business to Business
#---------------------------------------
Alias /BtoB/ /QIBM/UserData/HTTPA/admin/webapps/BtoB/
<Location /BtoB/Connect>
AuthName "BtoB Connect"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Location>
<Directory /QIBM/UserData/HTTPA/admin/webapps/BtoB>
order allow,deny
allow from all
</Directory>
#---------------------------------------
# Business to Business 2.0
#---------------------------------------
RewriteRule ^/Connect/Custom$ /Connect/Commerce [R]
Alias /Connect/ /QIBM/UserData/HTTPA/admin/webapps/Connect/
<Location /Connect>
AuthName "Connect"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Location>
<Directory /QIBM/UserData/HTTPA/admin/webapps/Connect>
order allow,deny
allow from all
</Directory>
#---------------------------------------
# Internet Print Protocol
#---------------------------------------
<Location /IPPAdmin>
AuthName "IPP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Location>
#---------------------------------------
# Digital Certificate Manager
#---------------------------------------
Alias /QIBM/ICSS/Cert/Admin/ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protect/ICSS/Cert/Macro/
Alias /QIBM/ICSS/Cert/Download/ /QIBM/UserData/ICSS/Cert/Download/
Alias /QIBM/ICSS/Cert/ /QIBM/ProdData/HTTP/Protect/ICSS/Cert/HTML/
<Directory /QIBM/UserData/ICSS/Cert/Download>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
AddType application/x-x509-ca-cert cacrt
AddType application/x-x509-user-cert usrcrt
</Directory>
<Directory /QIBM/ProdData/HTTP/Protect/ICSS/Cert/HTML>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Directory>
#---------------------------------------
# WebSphere Commerce Suite
#---------------------------------------
AliasMatch ^/admin/webconfig$ /QSYS.LIB/QNETCOMM.LIB/QNEWEBCFG.PGM
AliasMatch ^/WCS/Admin$ /QSYS.LIB/QNETCOMM.LIB/QNEWEBCFG.PGM/loadmlt
Alias /WCS/ /QSYS.LIB/QNETCOMM.LIB/
Alias /CommerceSuite/ /QIBM/ProdData/CommerceSuite/
<Directory /QSYS.LIB/QNETCOMM.LIB>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
SetHandler cgi-script
Options +ExecCGI
CGIMultiThreaded On
# CGIConvMode %%EBCDIC/EBCDIC%%
order allow,deny
allow from all
</Directory>
<Directory /QIBM/ProdData/CommerceSuite>
order allow,deny
allow from all
</Directory>
#---------------------------------------
# WebSphere Payment Manager
#---------------------------------------
Alias /QIBM/PymSvr/Admin/ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protect/PymSvr/Macro/
AliasMatch ^/QIBM/PymSvr/AdminPers/(.*)/(.*)$ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/$1/QIBM/ProdData/HTTP/Protect/PymSvr/Macro/$2
Alias /QIBM/PymSvr/ /QIBM/ProdData/HTTP/Protect/PymSvr/HTML/
<Directory /QIBM/ProdData/HTTP/Protect/PymSvr/HTML>
order allow,deny
allow from all
</Directory>
#---------------------------------------
# Cryptographic Coprocessor
#---------------------------------------
Alias /QIBM/CCA/Admin/ /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/CCA/Macro/ndm/
Alias /QIBM/CCA/ /QIBM/ProdData/CCA/
<Directory /QIBM/ProdData/CCA>
order allow,deny
allow from all
</Directory>
#---------------------------------------
# Eclipse Help
#---------------------------------------
<Location /EclipseHelp>
AuthName "Eclipse Help Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
order allow,deny
allow from all
</Location>
#---------------------------------------
# General routing items
#---------------------------------------
# Deny most requests for any file
<Directory />
order allow,deny
deny from all
Options -Indexes -ExecCGI -includes
</Directory>
# Deny direct requests for a CGI program in QSYSCGI
<Location /QSYS.LIB/QSYSCGI.LIB>
order deny,allow
deny from all
</Location>
# Allow CGI requests in QSYSCGI if they came via an alias
<Directory /QSYS.LIB/QSYSCGI.LIB>
AuthName "HTTP Admin"
AuthType Basic
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
Require valid-user
SetHandler cgi-script
Options +ExecCGI
order allow,deny
allow from all
</Directory>
#---------------------------------------
# Servlet engine directives
#---------------------------------------
LoadModule jk_module /QSYS.LIB/QHTTPSVR.LIB/QZTCJK.SRVPGM
JkWorkersFile /QIBM/ProdData/HTTPA/admin/conf/workers.properties
JkLogFile /QIBM/UserData/HTTPA/admin/logs/jk.log
JkLogLevel error
JkMount /HTTPAdmin jni
JkMount /HTTPAdmin/* jni
JkMount /IPPAdmin jni
JkMount /IPPAdmin/* jni
JkMount /BtoB/Connect jni
JkMount /BtoB/Connect/* jni
JkMount /Connect/Commerce jni
JkMount /Connect/Commerce/* jni
JkMount /EclipseHelp/* jni
JkMount /mmconsole/* jni
#---------------------------------------
# WAS System Instance directives
#---------------------------------------
LoadModule mod_ibm_si /QSYS.LIB/QHTTPSVR.LIB/QZISI.SRVPGM
WASInstance SYSINST 5722XXX 2
WASPlugin SYSINST 5722XXX 2
#------------------------------------------------------
# The following directives should be added to
# /QIBM/UserData/HTTPA/admin/conf/admin-cust.conf
# and uncommented in order to enable SSL for ADMIN.
#------------------------------------------------------
# LoadModule ibm_ssl_module /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM
# Listen 2001
# Listen 2010
# SetEnv HTTPS_PORT 2010
# <VirtualHost *:2010>
# SSLEnable
# SSLAppName QIBM_HTTP_SERVER_ADMIN
# </VirtualHost>
#---------------------------------------
# Include customer configuration
#---------------------------------------
include /QIBM/UserData/HTTPA/admin/conf/admin-cust.conf
-----Original Message-----Dear All,
From: [email protected] [mailto:[EMAIL PROTECTED]On Behalf Of andrew_david_kerr
Sent: Friday, November 04, 2005 4:16 PM
To: [email protected]
Subject: [Easy400Group] Re: Not authorised to HTTPAdmin page
Below is still a problem for me. I have since got CGIDEV2 developed
pages working fine, but the issue below is still outstanding.
In the log I see it processing the config statements (HTRuleDB)
looking for a match for /HTTPAdmin. It goes through the EXEC, MAP,
PASS and SERVICE without finding a match and finishes with
DefaultFail. Failing "/HTTPAdmin" by default: No Pass rule.
The fact that I can see the 'AS400TASKS' page OK is because in my
config there is the following MAP statement
/AS400TASKS /QSYS.LIB/QSYSCGI.LIB/DB2WWW.PGM/QIBM/ProdData/HTTP/Protec
t/OS400/Macro/qyunmain.ndm/main0
But I have nothing for /HTTPAdmin.
Somebody must be using the original server still and has the relevant
statement? And the next stage is to go onto the Apache server. So
then there will be lots more questions I'm sure!
Thanks
Andrew
--- In [email protected], "andrew_david_kerr"
<[EMAIL PROTECTED]> wrote:
>
> Apologies if this is not strictly a CGIDEV2 issue.
>
> Some background. I have returned to the 400 after a few years away.
> Before I had developed a few things with Net.Data, but at that site
> someone had already configured the HTTP servers. Having read good
> things about CGIDEV2 I have decided to try it at my current job and
> hopefully persuade my boss that it can be useful.
>
> I installed the HTTP Server (5722DG1), the latest group PTF SF99156-
> 19 and the CGIDEV2 library. I am working with the original HTTP
> server for the moment, not Apache. The initial CGIDEV2 test pages
> work fine. But I cannot access the HTTPAdmin page. Going
> http://xxx.xxx.xx.x:2001 I get the AS/400 Tasks page fine (although
> the image for PPP Server is not appearing), but clicking on
> http://xxx.xxx.xx.x:2001/HTTPAdmin I get `Error 403 Not Authorised
to
> this page'.
>
> My profile has User Class *SECOFR and special authority *IOSYSCFG.
> Profiles QTMHHTP1 and QTMHHTTP have all rights to `/'. I have
> started the admin instance with the –vv startup values, but looking
> through the joblog at the moment I don't have sufficient knowledge
to
> figure it out! I can see lots of `Pass' statements (..did NOT
> match...) and finally a `Default Fail' stating `No Pass Rule'.
>
> Would really appreciate any help, as I would like to get into
CGIDEV2
> development. I have found similar problems in other forums, but
> unfortunately there never seems to be an indication of how to solve
> it.
>
> Thanks Andrew
>
SPONSORED LINKS
How to format a computer hard drive Iseries 400 How to format a computer
YAHOO! GROUPS LINKS
- Visit your group "Easy400Group" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
