Package Docs: Odyssey-2 Data

The data directory of the odyssey-2 package contains the following items:

• admin: See "Miscellaneous Shared Data" below.
• default: Default Java source code. See OdysseyJavaCode.
• home: Home directory for the odyssey user. See "Odyssey Home Directory" below.
• httpd: Web server configuration fragments. See "Web Server Configuration" below.
• javac: Java compiler error results. See OdysseyJavaCode.
• regional: See "Miscellaneous Shared Data" below.
• spool: See "Miscellaneous Shared Data" below.
• static: Static web data. See "Web Server Configuration" below.
• web-uw-clf: Files to implement the UW CLF. See LookAndFeelImplementation.

Miscellaneous Shared Data

The admin, spool, and regional directories are for use by the odyssey-2 installations in specific regions. Anything that is specific to specific installations can go in these directories.

Care should be taken to structure the contents of these directories in a sensible fashion.

Odyssey Home Directory

data/home is the home directory for the odyssey user. It contains a regional .forward file, which should be set to an appropriate local recipient of mail to odyssey.

There is also a local .ssh directory, which is initialized with an empty authorized_keys and a newly-generated id_rsa and id_rsa.pub by the package install script.

Web Server Configuration

data/httpd contains configuration fragments for Apache 1.3.

odyssey.conf is meant to be included in every virtual host, and configures the following URL locations:

• /odyssey-static/: served by the data/static directory.
• /odyssey/: served by the Odyssey CGI gateway (cgigate; see OdysseyAdapter).
• /odyssey-anon/: same as /odyssey/.

odysseySecure.conf is meant to be included in the appropriate SSL virtual host (one per region), and configures /odyssey-local/ to be served by the Odyssey Web gateway (webgate; see OdysseyAdapter). Additionally it applies authentication to /odyssey/ and /odyssey-local/.

Note that this means that /odyssey/ and /odyssey-anon/ are the same except on SSL virtual hosts, where one is authenticated and the other is not. For protected content, /odyssey/ must be used. For unprotected content, /odyssey/ should also be used, unless the content must be accessible through unprotected channels on SSL virtual hosts. In practice, the only reason known for this if if the content is the target of an SSI include directive. So unless another reason is determined, /odyssey-anon/ URLs should never be advertised as the equivalent /odyssey/ one can always be used instead.

If we can improve the web server so that authentication or a login can be demanded only when needed, and still have effect when supplied, then /odyssey-anon/ will be eliminated. But under Apache, the CGI will not see the credentials supplied by the browser unless the server configuration requires authentication. So it is useless for the CGI to attempt to turn on authentication by serving a 401 error code: doing so will result in the browser displaying the Auth box, but the credentials it sends are not forwarded to the CGI by Apache.

-- IsaacMorland - 24 Jan 2007