paul@933 | 1 | = Web Server Integration = |
paul@933 | 2 | |
paul@934 | 3 | Although imip-agent is mostly concerned with e-mail messaging, it can |
paul@934 | 4 | integrate with a Web server for the following purposes: |
paul@933 | 5 | |
paul@961 | 6 | * To [[../FreeBusyPublishing|publish free/busy information]] for calendar users |
paul@961 | 7 | * To provide a [[../CalendarManager|management interface]] for calendar users |
paul@933 | 8 | |
paul@934 | 9 | Currently, imip-agent provides configuration files for Apache, but other Web |
paul@934 | 10 | servers may also be supported. |
paul@933 | 11 | |
paul@961 | 12 | == Authentication and Access Control in Apache == |
paul@933 | 13 | |
paul@934 | 14 | Apache supports a range of mechanisms for protecting resources and |
paul@934 | 15 | authenticating users. Most usefully for imip-agent given the |
paul@934 | 16 | [[../MailIntegration|e-mail integration]] requirements, modules supporting |
paul@934 | 17 | [[http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html|LDAP]] and |
paul@949 | 18 | [[http://httpd.apache.org/docs/2.4/mod/mod_auth_basic.html|text-based lists]] |
paul@949 | 19 | of users are available for such purposes. |
paul@961 | 20 | |
paul@961 | 21 | == Configuring Web Servers for Free/Busy Publishing == |
paul@961 | 22 | |
paul@961 | 23 | Each user may request the [[../FreeBusyPublishing|publishing]] of their |
paul@961 | 24 | free/busy information by configuring certain settings. The |
paul@961 | 25 | `conf/apache/imip-agent.conf` file provides a configuration file for |
paul@961 | 26 | deployment with the Apache Web server software that exposes a directory for |
paul@961 | 27 | Web publishing containing the published free/busy information. |
paul@961 | 28 | |
paul@963 | 29 | On Debian, to enable the serving of free/busy data, copy the configuration |
paul@963 | 30 | file to the Apache configuration and enable it as follows |
paul@963 | 31 | |
paul@963 | 32 | {{{ |
paul@963 | 33 | cp conf/apache/imip-agent.conf /etc/apache2/sites-available/ |
paul@963 | 34 | a2ensite imip-agent |
paul@963 | 35 | }}} |
paul@963 | 36 | |
paul@961 | 37 | Access to free/busy information may not be moderated, but Web server |
paul@961 | 38 | directives can be introduced to impose access controls. Mail programs that |
paul@961 | 39 | wish to consult the free/busy information may have problems in dealing with |
paul@961 | 40 | authentication mechanisms, however, and it may be regarded as acceptable in |
paul@961 | 41 | certain environments to expose such information publicly or with |
paul@961 | 42 | network-specific access constraints. |
paul@961 | 43 | |
paul@961 | 44 | == Configuring Web Servers for the Calendar Management Interface == |
paul@961 | 45 | |
paul@961 | 46 | A [[../CalendarManager|calendar management interface]] is provided to allow |
paul@961 | 47 | users to view and interact with their calendars through the Web. The |
paul@961 | 48 | `conf/apache/imip-manager.conf` file provides a configuration file for |
paul@961 | 49 | deployment with the Apache Web server software that enables this interface. |
paul@961 | 50 | |
paul@963 | 51 | On Debian, to enable the management interface, copy the configuration file to |
paul@963 | 52 | the Apache configuration and enable it as follows: |
paul@963 | 53 | |
paul@963 | 54 | {{{ |
paul@963 | 55 | cp conf/apache/imip-manager.conf /etc/apache2/sites-available/ |
paul@963 | 56 | a2ensite imip-manager |
paul@963 | 57 | }}} |
paul@963 | 58 | |
paul@961 | 59 | The management interface is deployed as a CGI program, meaning that a suitable |
paul@961 | 60 | module must be enabled in the Apache configuration. On Debian, this is done as |
paul@961 | 61 | follows: |
paul@961 | 62 | |
paul@961 | 63 | {{{ |
paul@961 | 64 | a2enmod cgi |
paul@961 | 65 | }}} |
paul@961 | 66 | |
paul@961 | 67 | Since such access to calendars should only be performed by identified |
paul@961 | 68 | users, access controls are suggested in the configuration file. Modules |
paul@961 | 69 | providing additional authentication support may need to be enabled. For |
paul@961 | 70 | example, on Debian, the LDAP authentication/authorisation support is enabled |
paul@961 | 71 | as follows: |
paul@961 | 72 | |
paul@961 | 73 | {{{ |
paul@961 | 74 | a2enmod authnz_ldap |
paul@961 | 75 | }}} |