Archive for the ‘ Apache ’ Category

SF2: Apache2 based HTTP-Authentication with Capifony

Almost every RoR dev knows Capistrano. It’s an awesome tool for deploying RoR applications (not only, but let’s leave it at that for know 😉 ) and also as a Symfony2 dev one can harness its power with Capifony.

I usually create Apache2 based HTTP-Authentication by hand for projects where the customer doesn’t provide a dedicated staging server but wants me to deploy on their live-system without going public. But in one of my current projects htpasswd wasn’t available in the restricted SSH-Shell, I could only use their web-based “Directory Security Tool”. That was fine for the first deploy, but afterwards I was always greeted with a 500 server error. But why?

Continue reading


Using Access Control List for web-development

Who doesn’t know that situation? You’re implementing a feature (e.g.: a file upload :-P) in whatever language you like and when you test it it fails because the web server has no permissions whatsoever to write to that directory. Bummer!

There are quite a few different ways to handle that: chmod 777, chown -R webServer, run the web server as you, suEXEC… but they all bring their own bunch of problems with them (which I won’t pursue in-depth now). The imho most elegant solution are Access Control Lists. With ACLs you get everything you need and when done properly, will render permission problems a thing of the past.

The following commands do basically the same just on two different operating systems. They grant the web-server user (_www/www-data) and me (pubmem) all rights in the directory foo and it’s subdirectories and set default ACL rights that future files/directories will inherit. The last commands (ls and getfacl respectively) allow you to review the ACLs set. For further information regarding the flags RTM. 😉
OS X (10.6):

chmod -R +a 'pubmem allow read,write,delete,add_file,add_subdirectory,file_inherit,directory_inherit' foo
chmod -R +a '_www allow read,write,delete,add_file,add_subdirectory,file_inherit,directory_inherit' foo
ls -led foo

Ubuntu 10.04:

setfacl -R -m u:www-data:rwx,d:u:www-data:rwx,u:pubmem:rwx,d:u:pubmem:rwx foo
getfacl foo