7.2 Setting Up the Web Server

7.2.1 Installing the Apache Web Server and PHP Components

The following instructions are for SUSEĀ® Linux Enterprise Server (SLES)10.x.

IMPORTANT:If you have installed your Identity Server on SLES 9.x, you need to make modifications to the following instructions. To install software with Yast, you click Software > Install and Remove Software. SLES 9.x uses PHP4 modules instead of PHP 5 modules.

  1. Download and install the Apache 2 and PHP 5 modules:

    1. On your SLES 10.x server, click the YaST Control Center icon, provide your root password if requested, then click OK.

    2. In the YaST left navigation window, click the Software icon, then click Software Management.

      The YaST software Search screen should open.

    3. In the Search field, type Apache2, then click Search.

      All available Apache 2 software packages are listed.

    4. If they are not already selected, select the following Apache 2 check boxes:

      apache2: Specifies the Apache 2.0 Web server.

      apache2-mod_php5: Specifies the PHP5 module for Apache 2.0.

      apache2-prefork: Specifies the Apache 2 prefork multi-processing module.

      apache2-worker: Specifies the Apache 2 worker multi-processing module.

    5. Click Check to identify and resolve any dependency issues.

    6. Click Accept, then click Continue.

      YaST should install the selected Apache server components.

    7. To install the required PHP server components, answer Yes to the prompt to install additional software.

    8. In the Search field, type php, then click Search.

      All available PHP software packages are listed.

    9. If they are not already installed, select the following PHP check boxes:

      apache2-mod_php5: Installs the PHP 5 module for Apache 2.0.

      php5: Installs the PHP 5 core files.

    10. If you need to install the packages, click Check to identify and resolve any dependency issues. If the packages are already installed, click Cancel and continue with Step 2.

    11. Click Accept, then click Continue.

      YaST should install the selected PHP server components.

  2. Configure SUSE to start the Apache server during boot up:

    1. In the YaST left navigation window, click Network Services > HTTP Server.

    2. In the HTTP Server Wizard, enable the Start Apache2 Server When Booting option, then click Finish.

7.2.2 Installing Digital Airlines Components

The Digital Airlines example package contains the following components:

Figure 7-3 Directory Structure of Digital Airlines Sample Components

  • vpn.html: Specifies the GUI interface page for initiating a VPN session.

  • sales.php: Contains the sales PHP database files associated with the example.

  • payroll.html: Specifies the GUI interface page for initiating a payroll session.

  • medical.html: Specifies the GUI interface page for initiating a VPN session.

  • index.php: Contains the welcome HTML index file for establishing secure authentication.

  • sales: Specifies subdirectory that can be configured to require basic authentication.

  • images: Contains all image files associated with the example.

  • .svn: Contains the associated Subversion* files necessary for revision control.

In this example configuration, you use the Access Gateway to protect the Digital Airlines Web site, which is installed on your Identity Server. This section describes where your example Digital Airlines components are located and how to add them to your Identity Server.

  1. Download the Digital Airlines Sample Pages from the Additional Resources section in the Novell Documentation site

  2. Extract htdocs.tar.gz to a root directory of the Web server. For an Apache 2 Web server on SLES 9.x or 10.x, extract the files to the following directory:

    /srv/www/htdocs/

  3. Determine the DNS name and IP address of the SUSE Linux server on which your example files are installed:

    1. Log in to the YaST Control Center as the root user.

    2. Click Network Services > Host Names, then write down the IP address and hostname of your server:

      IP Address: __________________________

      Hostname: __________________________

      As required later in the installation (see Step 8), you must provide the host name and server configuration information to establish the network connection between the Web server you are protecting (the server where your Web service components are located) and the Access Gateway.

  4. Continue with Section 7.2.3, Configuring Name Resolution.

7.2.3 Configuring Name Resolution

The Identity Server needs to resolve the DNS name of the Access Gateway, the Access Gateway needs to resolve the DNS name of the Identity Server, and the client that is accessing the Digital Airlines site needs to be able to resolve the names of both the Access Gateway and the Identity Server.

You can either set up your DNS server to resolve the DNS name of the Identity Server and the Access Gateway to the correct IP address, or you need to modify the hosts file on the various machines to perform the resolution.

Client: The hosts file of the client machine needs to contain entries for the Identity Server and the Access Gateway.

Identity Server: The hosts file on the Identity Server needs to contain an entry for the Access Gateway.

Access Gateway: The hosts file on the Access Gateway needs to contain an entry for the Identity Server.

Each platform has its own location for the host file.

Platform

Location

Windows

C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS

Linux

/etc/hosts

NetWare

sys:/etc/hosts

Continue with Section 7.3, Configuring Public Access to Digital Airlines.