src/afsweb/README

   1 Copyright 2000, International Business Machines Corporation and others.
   2 All Rights Reserved.
   3
   4 This software has been released under the terms of the IBM Public
   5 License.  For details, see the LICENSE file in the top-level source
   6 directory or online at http://www.openafs.org/dl/license10.html
   7
   8 AFS Web Security Pack for the Apache Web Server, Version 1.0
   9
  10
  11 Release Notes
  12
  13 I. Introduction
  14
  15 The AFS Web Security Pack is an extension available for selected Web servers
  16 that enables system administrators to provide secure access via a
  17 Web browser to documents stored in the AFS filespace. This document
  18 provides information specific to this release of the AFS Web Security Pack.
  19
  20 Note: Due the long filenames and file extensions used for the AFS Web
  21 Secure distribution files, download of the AFS Web Secure product to
  22 a PC sometimes results in incorrect filenames. Note that all AFS Web
  23 Secure distribution files are g-zipped tar files, even if the *.tar.gz
  24 file extension is lost during the download process.
  25
  26 II. Installation Prerequisites
  27
  28 Note: If you have installed a previous version of the AFS Web Security Pack,
  29 you must first remove the previous version, including any modifications made
  30 to your Apache Web server configuration and runtime configuration files
  31 before installing this version of the product.
  32
  33 Your system must meet the following software and disk space requirements
  34 to install this version of the AFS Web Security Pack.
  35
  36 Operating system:        Solaris 2.5.1, AIX 4.2x, AIX 4.3, or AIX 4.3.1
  37 Web server:              Apache 1.2.6 or Apache 1.3.1
  38 AFS (client):            AFS Client 3.4a
  39 Disk Space:              650 KB
  40
  41 Note: Due to security considerations, OpenAFS strongly recommends that the
  42 AFS Web Security Pack be used only on a server enabled with Secure Sockets
  43 Layer (SSL).
  44
  45
  46 IV. Known Defects and Limitations
  47
  48 * Due to a preexisting problem in the AFS UNIX product, the Apache
  49 server Fancy Indexing option does not function as expected when AFS
  50 directories are displayed. If the Fancy Indexing option is enabled
  51 on the Apache server, when a user initially browses an ACL-protected
  52 directory (with "system:anyuser l" access), the user is able to see
  53 file details for directories and links, but not for files. Once the
  54 user selects a file and enters a username and password, details for
  55 the files are then displayed. This problem is not caused by the AFS Web
  56 Security Pack or the Apache server, but is due to a defect in the UNIX-based
  57 AFS code. We are working to address this problem and will make an
  58 announcement when a corrected version is available. In the interim,
  59 please be aware of this limitation as you use the AFS Web Security Pack.
  60
  61 *If the AFS Web Security Pack is used on the Apache server version 1.3.1, user
  62 directories cannot be directly accessed through the use of a special character
  63 such as a tilde (~) despite use of the Apache server User Directory directive.
  64
  65 VII. AFS Web Security Pack Documentation
  66
  67 Postscript and HTML versions of the documentation for the AFS Web Security
  68 Pack are available in the doc directory.
  69
  70 VIII. Additional Information about Apache and SSL
  71
  72 The following sites on the World Wide Web provide additional information
  73 about the Apache Web Server and SSL.
  74
  75 * Apache Home Page http://www.apache.org
  76 * Stronghold Home http://www.c2.net
  77 * Stronghold International http://www.int.c2.net
  78 * Apache-SSL Home http://www.apache-ssl.org
  79 * SSLeay FAQ http://www.psy.uq.edu.au:8080/~ftp/Crypto/