Re: Help needed
Hi. I'm trying to get Orion Server to start as a non-root users on Red Hat 7.1. I know I need to forward the port from 80 to something above 1024. Does any one know how I can do that with iptables. I've never used it before. ipchains -I input --protocol tcp \ --destination-port 80 -j REDIRECT 10240 If the Orion port is 10240. You need to configure your kernel to support redirecting. Consult Kernel docs. Any help would be appreceated. Bill Wichgers Lachezar
Re[2]: Help needed
I'm trying to get Orion Server to start as a non-root users on Red Hat 7.1. I know I need to forward the port from 80 to something above 1024. Does any one know how I can do that with iptables. I've never used it before. LD ipchains -I input --protocol tcp \ LD --destination-port 80 -j REDIRECT 10240 LD If the Orion port is 10240. LD You need to configure your kernel to support redirecting. LD Consult Kernel docs. I have the same problem with Mandrake 8.0 It seems that all newest Linux releases use iptables instead of ipchains and the syntax is a little different. Any suggestion ? TIA Marcello
RE: Additional invocations to the UserManager
I saw this too and went to FORM authentication and don't see this anymore. I still use UserManager to receive the user/passwd from the FORM via the Container, but I don't see the UserManager calls on every request. Based on this, I feel it's a bug in orion that BASIC behaves this way. curt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Trujillo, Kris Sent: Friday, August 31, 2001 6:11 PM To: Orion-Interest Subject: Additional invocations to the UserManager I have written a custom UserManager and have setup security-constraints against several JSPs in my application...everything works great..almost. I'm noticing that after the user has successfully been authenticated that my UserManager is being recalled for every page request made by the user. The difference being that the user is not reprompted to enter a username and password. The problem with this is that it causes a lot of additional overhead because the user is reauthenticated and has the group checking revalidated for every request. Is it possible to setup Orion so it won't behave this way? It seems like once the user has been authenticated once that they should not be reauthenticated until their session has expired. Thanks
Re: Re[2]: Help needed
Hello. I'm trying to get Orion Server to start as a non-root users on Red Hat 7.1. I know I need to forward the port from 80 to something above 1024. Does any one know how I can do that with iptables. I've never used it before. LD ipchains -I input --protocol tcp \ LD --destination-port 80 -j REDIRECT 10240 LD If the Orion port is 10240. LD You need to configure your kernel to support redirecting. LD Consult Kernel docs. I have the same problem with Mandrake 8.0 It seems that all newest Linux releases use iptables instead of ipchains and the syntax is a little different. Any suggestion ? 1. You may decide to use IPChains instead of IPTables. This is a Kernel-Conf problem. 2. I don't use IPTables, but... I searched some info on the net, and it seems, that it is not too different for IPTables than the ipchains one. Maybe you will have to write -I INPUT?!?!? TIA Marcello Lachezar
RE: Help needed
Instead of IP tables, you could use Apache to proxy port 80 requests to the port your Orion is listening for. You set up your virtual host in your apache conf file like this (you need to make sure you have the Apache proxy module installed): VirtualHost youripaddress:80 ServerName www.yourdomain.com ProxyRequests On RewriteEngine On RewriteRule ^/(.*) http://www.yourdomain.com:4321/$1 [P] TransferLog /pathtowhereyouwanttologaccess/access LogFormat %v %h %l %u %t \%r\ %s %b \%{Referer}i\ \%{User-Agent}i\ /VirtualHost (where 4321 is the port number your Orion is listening on.) If you do that make sure you add this between your website tags to your web-site xml file (the one in your orion/config dir): frontend host=www.yourdomain.com port=80 / You need to bear in mind that it makes your Orion access log files useless as all request appear to have come from the same IP. All you do is use the Apache ones instead. Check out: http://www.orionsupport.com/articles/apachefrontend.html for some additional info. Hope this helps. Johnny -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bill Wichgers Sent: 31 August 2001 16:49 To: Orion-Interest Subject: Help needed I'm trying to get Orion Server to start as a non-root users on Red Hat 7.1. I know I need to forward the port from 80 to something above 1024. Does any one know how I can do that with iptables. I've never used it before. Any help would be appreceated. Bill Wichgers
RE: Additional invocations to the UserManager
Nope. This is browser, not orion behavior. It complies to the HTTP specs. -Original Message- From: Curt Smith [mailto:[EMAIL PROTECTED]] Sent: Sábado, 01 de Septiembre de 2001 10:43 To: Orion-Interest Subject: RE: Additional invocations to the UserManager I saw this too and went to FORM authentication and don't see this anymore. I still use UserManager to receive the user/passwd from the FORM via the Container, but I don't see the UserManager calls on every request. Based on this, I feel it's a bug in orion that BASIC behaves this way. curt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Trujillo, Kris Sent: Friday, August 31, 2001 6:11 PM To: Orion-Interest Subject: Additional invocations to the UserManager I have written a custom UserManager and have setup security-constraints against several JSPs in my application...everything works great..almost. I'm noticing that after the user has successfully been authenticated that my UserManager is being recalled for every page request made by the user. The difference being that the user is not reprompted to enter a username and password. The problem with this is that it causes a lot of additional overhead because the user is reauthenticated and has the group checking revalidated for every request. Is it possible to setup Orion so it won't behave this way? It seems like once the user has been authenticated once that they should not be reauthenticated until their session has expired. Thanks