  | Administrator Handbook | TOC |
Configuring and Starting the Web Server Process
Adding a WEB server process
When you initially install LoriotPro the ‘LoriotPro http Server’ is automatically loaded as well as the supervision service called ‘DashBoardService’.
Default loaded Plugin
If you do not have the HTTP Server running you
should add it to be able to use the Remote Access.
In the Service workspace, click the right mouse button the contextual menu
is displayed.
Select Http Server or add new service option.
The first immediatly insert the service, the second option open the Plug-in Loader below.
Both option give the same result. The plug'in loader give you more details about each Service Plug-in.
Removing the HTTP Server process
If you don’t want to use this Web server, you have to right click on the service
and from the contextual menu choose ‘Delete Service’.
Service delete
Or from the main menu
Delete a service from the main menu
WEB server configuration
By default, the WEB server has predefined settings that for security reasons allow you only to access it locally. To change this setting and allows remote navigator to access it, you have to change the default properties. The properties are accessible from the contextual menu link to the process.
Service properties
The ‘HTTPD Options’ is displayed.
Configuration window of the Web server process
The default port used for the WEB server is 8010 and only the localhost (loopback address 127.0.0.1) has the permission to connect to it.
Saving WEB Configuration
To save your configuration in a file click on the Save Config button :
Configuration save.
Warning
Be sure that the file is saved in the LoriotPro /bin/config/httpd directory.
Access filters
The main point of interest of the LoriotPro WEB server is to give access to the SNMP collected data from anywhere and from a standard WEB navigator. Unfortunately, the major drawback is that unauthorized users could see private or sensible information about your infrastructure. To avoid such risk, the WEB server is only visible for pre-conFigure d users by the means of an access list. To allow a remote host to access the WEB server you have to know its IP address.
The WEB service uses a filtering strategy based on the remote host IP address. A list of authorized or unauthorized hosts could be defined regarding their IP address.
The principle of the filter is to check the incoming IP address of an incoming request and then sequentially compare it to the rules defined in the list, if a condition is satisfied the according action is applied, either permit the request or deny it.
Acces filter
Let us use an example, suppose that the host has the 10.33.10.130 IP address.
- Select
the line in the list where you want to insert a new rule.
- Enter the IP address
and the mask of the host to filter
- Choose either permit
or Deny.
- Click on Ins
Complex filter
In the following example we want to deny access to the 10.33.10.130 host but still allow access for other hosts off this IP subnet.
The rule order use here is important, if the host 10.33.10.130 tries to connect the first rule will apply and the connection will be rejected.
Complex filter
Script functions
By default the WEB server allows the user to start LoriotPro scripts or PHP scripts. However you can disable this possibility if you don’t want that remote user to start SNMP request on Directory host objects.
To cancel the support of script, un-checke the following options:
PHP script options
LoriotPro includes an innovative function that allows you to mix proprietary script and PHP script.
To use it you should first install a PHP interpreter in CGI mode of at least the 4.06 version.
For more details on this installation, refer to the link:
The http://www.easyphp.org site proposes you an installation script that does everything automatically. It installs PHP and MYSQL which in the version 1.5 is fully compliant with LoriotPro. The version 1.6 of PHP does not support CGI mode.
Once the PHP software is installed, you should inform LoriotPro of the directory where the file php.exe is located.
Use the browse button.
Looking for the php.exe.file
Path of the php.exe
Modifying the default TCP server port
The server uses by default the TCP 8020 port and 20 Threads to provide good response times on HTTP requests. You can change these values if needed.
Example: Port TCP 82 and 10 Threads
Modifying the TCP port.
The new local URL has become : http://127.0.0.1:82
WEB server console
If you double click on the HTTP server a graphical console is displayed.
The console allow you to control the WEB server.
You can start and stop the WEB server with the Start/Stop button.
The Properties button opens the configuration window.
The Go Home button opens the server home page.
Two vu-meters and a double graph are available and give information on the WEB server load. Graphics are refreshed every 10 seconds.
The blue graph provides the throughput in Kilobytes/second.
The yellow one provides the number of received requests.
The 
button hides the window.
You can access the User Manager to define the users and their rights for accessing the LoriotPro from a remote WEB navigator.
You can access the Report Manager and set access level on the report files.
Directory access security
We have seen that it was possible to filter access to the Directory for WEB users. It could be necessary to deny access to specific branches of the Directory tree. This security is global to all remote users. To define access control per user it is necessary to use the User Manager.
To deny access to a Directory object, you should use the ‘lock/unlock Remote Access’ option available in the Directory menu.
:
Select the object that you want to lock from a Web access and then from the contextual menu choose ‘lock/unlock Remote Access’ .
or in the main menu
Directory> Lock/Unlock remote Access
If a lock is set on an object, a blue point is added to the icon object in the upper left hand corner. Such objects are not visible to WEB users.
To unlock the branch, just click on the same option ‘Lock/Unlock remote Access’ in the menu
Warning
The Directory tree is viewed with a Navigator but is not dynamically refreshed
like the one under the Windows native environment. You should use the refresh
button to force an update from the LoriotPro WEB server. Some versions of
the Netscape navigator do not support the display of the Directory tree.
www.loriotpro.com |
|