paul@933 | 1 | = Web Server Integration = |
paul@933 | 2 | |
paul@934 | 3 | Although imip-agent is mostly concerned with e-mail messaging, it can |
paul@934 | 4 | integrate with a Web server for the following purposes: |
paul@933 | 5 | |
paul@961 | 6 | * To [[../FreeBusyPublishing|publish free/busy information]] for calendar users |
paul@961 | 7 | * To provide a [[../CalendarManager|management interface]] for calendar users |
paul@933 | 8 | |
paul@934 | 9 | Currently, imip-agent provides configuration files for Apache, but other Web |
paul@934 | 10 | servers may also be supported. |
paul@933 | 11 | |
paul@961 | 12 | == Authentication and Access Control in Apache == |
paul@933 | 13 | |
paul@934 | 14 | Apache supports a range of mechanisms for protecting resources and |
paul@934 | 15 | authenticating users. Most usefully for imip-agent given the |
paul@934 | 16 | [[../MailIntegration|e-mail integration]] requirements, modules supporting |
paul@934 | 17 | [[http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html|LDAP]] and |
paul@949 | 18 | [[http://httpd.apache.org/docs/2.4/mod/mod_auth_basic.html|text-based lists]] |
paul@949 | 19 | of users are available for such purposes. |
paul@961 | 20 | |
paul@961 | 21 | == Configuring Web Servers for Free/Busy Publishing == |
paul@961 | 22 | |
paul@961 | 23 | Each user may request the [[../FreeBusyPublishing|publishing]] of their |
paul@961 | 24 | free/busy information by configuring certain settings. The |
paul@961 | 25 | `conf/apache/imip-agent.conf` file provides a configuration file for |
paul@961 | 26 | deployment with the Apache Web server software that exposes a directory for |
paul@961 | 27 | Web publishing containing the published free/busy information. |
paul@961 | 28 | |
paul@961 | 29 | Access to free/busy information may not be moderated, but Web server |
paul@961 | 30 | directives can be introduced to impose access controls. Mail programs that |
paul@961 | 31 | wish to consult the free/busy information may have problems in dealing with |
paul@961 | 32 | authentication mechanisms, however, and it may be regarded as acceptable in |
paul@961 | 33 | certain environments to expose such information publicly or with |
paul@961 | 34 | network-specific access constraints. |
paul@961 | 35 | |
paul@961 | 36 | == Configuring Web Servers for the Calendar Management Interface == |
paul@961 | 37 | |
paul@961 | 38 | A [[../CalendarManager|calendar management interface]] is provided to allow |
paul@961 | 39 | users to view and interact with their calendars through the Web. The |
paul@961 | 40 | `conf/apache/imip-manager.conf` file provides a configuration file for |
paul@961 | 41 | deployment with the Apache Web server software that enables this interface. |
paul@961 | 42 | |
paul@961 | 43 | The management interface is deployed as a CGI program, meaning that a suitable |
paul@961 | 44 | module must be enabled in the Apache configuration. On Debian, this is done as |
paul@961 | 45 | follows: |
paul@961 | 46 | |
paul@961 | 47 | {{{ |
paul@961 | 48 | a2enmod cgi |
paul@961 | 49 | }}} |
paul@961 | 50 | |
paul@961 | 51 | Since such access to calendars should only be performed by identified |
paul@961 | 52 | users, access controls are suggested in the configuration file. Modules |
paul@961 | 53 | providing additional authentication support may need to be enabled. For |
paul@961 | 54 | example, on Debian, the LDAP authentication/authorisation support is enabled |
paul@961 | 55 | as follows: |
paul@961 | 56 | |
paul@961 | 57 | {{{ |
paul@961 | 58 | a2enmod authnz_ldap |
paul@961 | 59 | }}} |