Forum archive 2000-2006

Thomas R. Shemanske - webwork2-pr4 admin course

Thomas R. Shemanske - webwork2-pr4 admin course

by Arnold Pizer -
Number of replies: 0
inactiveTopicwebwork2-pr4 admin course topic started 5/24/2004; 9:21:15 AM
last post 5/24/2004; 12:09:44 PM
userThomas R. Shemanske - webwork2-pr4 admin course  blueArrow
5/24/2004; 9:21:15 AM (reads: 846, responses: 2)
I set up the admin course in ww2-pr4(CVS - 5/23), and it seems like a nice way to manage things, but (as always) I am concerned about security.  The user is asked to supply SQL database admin passwords to make entries in the SQL tables and add new dbs.

As far as I know, mod-perl is not set up for apache-ssl so this cannot be redirected to a secure connection.  In the absense of this, can the scripts be changed to read the login information from a file with restricted read permissions?

Thanks

Tom

<| Post or View Comments |>


userGavin LaRose - Re: webwork2-pr4 admin course  blueArrow
5/24/2004; 11:47:35 AM (reads: 995, responses: 0)
Hi Tom,

Is it true that a mod_perl server can't run through SSL?  I'm only thinking about apache 1.3.x, but I have apache mod_perl running on my development server, with mod_ssl, and get the mod_perl server over SSL when connecting to the SSL port (443).   Maybe this isn't what you're asking?

Gavin

<| Post or View Comments |>


userThomas R. Shemanske - Re: webwork2-pr4 admin course  blueArrow
5/24/2004; 12:09:44 PM (reads: 998, responses: 0)
Doh!

For some reason the mod-perl stuff in the debian distribution only installs LoadModule lines for apache, not apache-ssl.

I had assumed there would have to be something special for ssl, but of course just adding the right LoadModule line and restarting the apache-ssl server, things work fine.

Cheers,

Tom

<| Post or View Comments |>