Security Profile #1 - SP1
Domain: tkdsoftware.com
Security Profile #2 - SP2
Domain: petsutopia.com
Security Profile #3 - SP3
Domain: [nothing]
Hector -
I wanted to bring this up before I forget what I was thinking earlier
today about this... and get your opinion and others as well because I
am not sure what the goal is in order to offer this.
But with that in mind, lets assume for the moment we take a multiple
phased approach. I'm coming from the mind-set that the demand is to
be able to have multiple WCWEB domains point to different WWWROOT directories.
So, lets assume the following setup similar to things here:
Security Profile #1 - SP1
Domain: tkdsoftware.com
Security Profile #2 - SP2
Domain: petsutopia.com
Security Profile #3 - SP3
Domain: [nothing]
Now, as the web server stands today, we have:
wc:\http\public
wc:\http
wc:\http\template
These are the major player directories.
Now, could WCWEB be capable of reading the HTTP 'Host' header if it is passed and do a lookup against the domains defined in all the security profiles?
If so, then could the following logic be implemented:
Request: http://www.petsutopia.com (not authenticated)
1. WCWEB sees that the session isn't authenticated and the URI is not
referring to a protected document, so the request gets sent to
http://www.petsutopia.com/public/
2. WCWEB sees the wc:\http\public\default.htm request come in and it
checks the web root folders in the following order:
Check Host Header wwwroot directory if exists
wc:\http(petsutopia.com)\public -->
wc5\wwwroot\petsutopia.com\public
Check Computer Config wwwroot directory if exists
wc:\http(tkdsoftware.com)\public -->
wc5\wwwroot\tkdsoftware.com\public
Fall back to original logic
wc:\http\public -> wc5\http\public
3. When user logs into the web server, requests for protected
documents would follow a simliar pattern:
wc:\http(petsutopia.com)\default.htm ->
wc5\wwwroot\petsutopia.com\default.htm
wc:\http(tkdsoftware.com)\default.htm ->
wc5\wwwroot\tkdsoftware.com\default.htm
wc:\http\default.htm -> wc5\http\default.htm
4. When templates are requested, simliarly:
wc:\http(petsutopia.com)\template\XXX.htm ->
wc5\wwwroot\petsutopia.com\template\XXX.htm
...
wc:\http\template\XXX.htm -> wc5\http\template\XXX.htm
I know that when (or if we) get to this point to do this, it is going to
be a BIG change and require loads of testing ... Not sure when you have this slated on the project timeline, but since this idea came to my
head, I certainly wanted to pass it along to you.
Just to recap, for non-authenticated sessions, the host header would be
used to initially determine the wwwroot directory path. If that path
does not exist, try the domain for the computer running wconline. If
that path does not exist, default to the current directory logic.
For authenticated sessions, we could just use the security profile
domain to determine the web root directory path instead of then relying
on the host headers (unless you want to always carry this thru
regardless).
Anyways, gonna grab some TV.. Chat soon.
Thanks,
Chris
Sysop: | digital man |
---|---|
Location: | Riverside County, California |
Users: | 1,038 |
Nodes: | 15 (0 / 15) |
Uptime: | 39:19:30 |
Calls: | 870 |
Calls today: | 4 |
Files: | 95,180 |
D/L today: |
1,710 files (236M bytes) |
Messages: | 465,330 |