Ajaxplorer

From SME Server
Revision as of 17:52, 5 July 2011 by VIP-ire (talk | contribs) (Created page with "{{Languages}} ===Maintainer=== Daniel B.<br/> [http://www.firewall-services.com Firewall Services]<br> mailto:daniel@firewall-services.com === Description ==...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search



Maintainer

Daniel B.
Firewall Services
mailto:daniel@firewall-services.com


Description

Ajaxplorer is a web based file manager. You can take a look at the online demo (use demo as login and password). This contrib integrate Ajaxplorer with the SharedFolders contrib. If Ajaxplorer is installed, you'll see a new option in the configuration of shared folders asking you if you want to enable access to this shared folders through Ajaxplorer.

Requirement

This contrib has been developped and tested on SME Server 8b6 and later. It probably won't work on SME 7.

Installation

Configure Firewall-Services's repository:

db yum_repositories set fws repository \
BaseURL http://repo.firewall-services.com/centos/\$releasever \
EnableGroups no GPGCheck yes \
Name "Firewall Services" \
GPGKey http://repo.firewall-services.com/RPM-GPG-KEY \
Visible yes status disabled
signal-event yum-modify
  • install the rpms
yum --enablerepo=fws install smeserver-ajaxplorer
  • Restart the services
signal-event webapps-update

Now you should go in the server-manager, and modify an existing share (or create a new one), with Ajaxplorer access enabled. Then, you can access the application using this URL: https://your-server.domain.tld/ajaxplorer Each user will only see shares to which they have access. Permissions through Ajaxplorer will be the same that is configured in the shared folders (the same as samba access)

Additional options

Some settings are available from the DB

  • Authentication: Control the way users are authenticated. Correct values are http (apache protect the access, users need to login with their own credentials), or LemonLDAP which uses LemonLDAP-NG to grant access to the application
  • AliasOnPrimary: can be enabled or disabled (default is enabled). This prop lets you disable the access to Ajaxplorer on your primary domain (the alias /ajaxplorer won't be added in apache configuration). This is useful if you want the application to be available only with a virtualhost.
  • access: can be public or private (default is private). Control if /ajaxplorer is available only from local networks or from the Internet.


example:

db configuration setprop ajaxplorer access public
signal-event webapps-update

Integration with LemonLDAP::NG

Ajaxplorer can be protected by LemonLDAP::NG. Here're the steps to protect it

Disable the access on the primary domain

You should disable the access to Ajaxplorer on your primary domain:

db configuration setprop ajaxplorer AliasOnPrimary disabled
signal-event webapps-update

Enable LemonLDAP::NG integration

This contrib support LemonLDAP NG auth quite easily:

db configuration setprop ajaxplorer Authentication LemonLDAP
signal-event webapps-update

Create a new virtualhost for Ajaxplorer

Lets create a new virtualhost for Ajaxplorer. You can choose the name you want, for example, lets create exchange.domain.tld:

db domains set exchange.$(db configuration get DomainName) domain Content Primary Description 'Ajaxplorer' \
DocumentRoot /usr/share/ajaxplorer Nameservers internet TemplatePath WebAppVirtualHost \
LemonLDAP enabled
signal-event domain-create exchange.$(db configuration get DomainName)
signal-event webapps-update

Declare this virtualhost in LemonLDAP

You can now create the virtualhost in LemonLDAP management interface. You can create the rules you want. For example, here're the rules to accept only members of the group 'webexchange'

  • Comment: default
  • Rule: $groups =~ /\bwebexchange\b/

Uninstall

If you want to remove the contrib, just run:

yum remove ajaxplorer

Source

The source for this contrib can be found in Firewall-Services's repository [1].