Archive

Archive for the ‘torquebox’ Category

Shibboleth settings for TorqueBox

16 July, 2011 Comments off

Authentication Settings

Notes on setting up Shibboleth against an Apache Reverse Proxy to TorqueBox.

Config File: /etc/httpd/conf.d/shib.conf

ShibUseHeaders On
AuthType shibboleth
ShibRequestSetting requireSession 1
require valid-user

The ‘ShibUseHeaders On‘ setting tells Shibboleth to pass along its attributes as request headers so your sinatra/rails application can gain access to them allowing you to implement your own authorisation system.

Simple Authorisation

If you don’t need a complex authorisation system and you don’t mind users seeing a standard Shibboleth authorisation error page:

You can implement this via your Shibboleth settings using the require statement:

ShibUseHeaders On
AuthType shibboleth
ShibRequestSetting requireSession 1
require grouper_groups ~ MySecurityGroup

Here we require the custom grouper_groups attribute matches on the regular expression after the ‘~‘. Basically to access the protected url the user must be a member of the MySecurityGroup.

Top Tip

When playing with your Shib settings don’t forget to restart httpd to see the affect.
sudo /sbin/service httpd restart

Categories: torquebox

Setup Apache Reverse Proxy to Torquebox

16 July, 2011 Comments off

Setup Apache as a Reverse Proxy in front of a standalone Torquebox server.

Apache Setup

Proxy Module

For this to work Apache must have the mod_proxy module loaded:

http://httpd.apache.org/docs/2.1/mod/mod_proxy.html

Config file: /etc/httpd/conf/httpd.conf

ProxyRequests Off # Switch off forward proxy
ProxyPreserveHost On # Pass host name onto the proxy
ProxyPass /myapp http://localhost:8080/myapp/ # Map url to remote server
ProxyPassReverse /myapp http://localhost:8080/myapp/ # Adjust header sent from remote server to match url

Here we are passing all calls to the /myapp/ url on to the Torquebox server http://localhost:8080/myapp/

TorqueBox Setup

In your Torquebox application folder create a file ‘config/torquebox.yml’ which contains a context which matches the Apache reverse proxy url.

torquebox.yml

web:
context: /myapp
ruby:
version: 1.9

Categories: General, torquebox

TorqueBox – gem install error

14 July, 2011 Comments off

TorqueBox Install

I’m playing with latest version of TorqueBox (Currently 2.x.incremental.245) the easiest way to install it is via a gem:

gem install torquebox-server --pre --source http://torquebox.org/2x/builds/LATEST/gem-repo/

Full details on the TorqueBox blog (http://torquebox.org/news/2011/06/10/torquebox-gem/).

Error

Anyhoose when doing the gem install on my dev server (CentOS 5.6) I got the error:

Error: Your application used more memory than the safety cap of 500m.
Specify -J-Xmx####m to increase it (#### = cap size in MB).

Fix

After a bit digging around it turns out you need to set the heap size when running the gem install:

jruby -J-Xmx900m -S gem install torquebox-server --pre --source http://torquebox.org/2x/builds/LATEST/gem-repo/

More details on stackoverflow.

Hope that helps someone or maybe me if have to do this again!

Categories: torquebox