I found this topic about using ISPconfig database to authenticate from other applications. So we can use isp_isp_user table, adding a new password field: ALTER TABLE isp_isp_user ADD app_password VARCHAR(255) And for example use it as apache MySQL_Auth: Auth_MySQL_DB db_ispconfig Auth_MySQL_Password_Table isp_isp_user Auth_MySQL_Username_Field user_username Auth_MySQL_Password_Field app_password Auth_MySQL_Empty_Passwords off Auth_MySQL_Encryption_Types MySQL require user_name But then, to administer this, I still have some questions: - Is there a way to edit this new fields in the admin user Form? - How could we add this field to the remoting framework? Thanks for your help
You can not add this field with the form editor, it will collide with the current password field. Add the field with phpmyadmin and the change the ISPConfig code in the file ispconfig_isp_user.lib.php to populate your new password field with the correct password hash when a user is added or updated. This should work automatically with the remoting framework too.
Another problem Thank you! I will give it a try... Could you help me in finding the ispconfig_isp_user.lib.php and the functions to modify in order to manage a new field in ISPConfig Forms and Remoting. I would also like to add a directory block in the vhost file to define the Auth_MySQL restriction for the site. Code: <Directory /var/www/web1/web> AuthType Basic AuthName "Restricted Access" Auth_MySQL_DB db_ispconfig Auth_MySQL_Password_Table isp_isp_user Auth_MySQL_Username_Field user_username Auth_MySQL_Password_Field app_password Auth_MySQL_Empty_Passwords off Auth_MySQL_Encryption_Types MySQL require user_name </Directory> I cannot add it in /etc/apache2/vhosts/Vhosts_ispconfig.conf and when I use the apache directive field in the site form, it is rejected. Do you see any mean to succeed in automaticaly add extra code to vhost definition? Is there a way to get the web_path and user_name from any availabe variable? ie using something like this: Code: <Directory $web_path/web> [snip] require $user_name </Directory>
Thanks! I was wondering when make_vhost() is called? Obviously at the creation action, but I would like to update some of the properties after the creation of the vhost entry. It seems that a mechanism updates Vhosts_ispconfig.conf regularly (it removes what I added sometimes). Does this function is used during these updates?
1° I have added a new section in make_vhost(), and in /root/ispconfig/isp/conf/vhost.conf.master but nothing appears in Vhosts_ispconfig.conf cat /root/ispconfig/isp/conf/vhost.conf.master Could you tell me what I am doing wrong?? 2° Is it possible to update Vhosts_ispconfig.conf whenever we want? Is it cron mechanism, or any manual way to refresh vhost file? 3° Help me, I am using ISPConfig-2.3.1-dev.tar.gz and I cannot find ispconfig_isp_user.lib.php Path must have change?
It is event based. If you edit something in the frontend, a event is generated and the server script is executed with a short delay. Finding files under linus is easy. Run the command: locate ispconfig_isp_user.lib.php If you locate database is too old, run updatedn before. The file is located in /home/admispconfig/ispconfig/lib/classes/ispconfig_isp_user.lib.php
Oh! I've run the find . -name from /root/ispconfig/ (Too tired)... In fact I am still trying to find the way to add my own Auth_Mysql section to the vhost (see my code). I would like to make a clean patch for what I am doing, but do you think I am on the good way? I don't know yet how to log in /home/admispconfig/ispconfig/ispconfig.log and my patch doesn't works neither (there is a problem if no user is define for the site, but it's not the case in my testing environment) ISPConfig is great, but it takes some time to see it all... It's very kind to you helping me
I tested my new make_vhost() with: Code: php /root/ispconfig/scripts/writeconf.php But I didn't saw that /root/ispconfig/.ispconfig_lock was hanging the script after a bad coding (missed \")! Now I am running again and my vhost is modified... But there is still a problem in my sql query as $my_user["user_username"] is empty and should not... May be I could use the ips_isp_web table to store the webdav flag/dav_user/dav_password as it will be used as a global webdav access for the site. What should be the right sql query then? Please could you explain me how to log? It could be usefull... ThAnks till & falco
In the backend files (in the directory /root/ispconfig/.....), you can send logmessages to the ispconfig log with: $mod->log("Here is my message"); In the frontend (/home/admispconfig/...) use the command: $go_info->log("My Logmessage"); Which mysql query do you use to select the admin user of the website for your variable $my_user["user_username"]?
Thanks! In fact, I don't need anymore to add sql query to find my user... As my Auth is for the whole web site, I added webdav_password field in ips_isp_web table. So my make_vhost() hack is now: Code: [COLOR="Red"]$section = " <Directory ".$document_root."> DAV On AuthType Basic AuthName \"Restricted Webdav Access\" <Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> Auth_MySQL_DB db_ispconfig Auth_MySQL_Password_Table isp_isp_web Auth_MySQL_Username_Field web_host Auth_MySQL_Password_Field webdav_password Auth_MySQL_Empty_Passwords off Auth_MySQL_Encryption_Types Plaintext Require user ".$web["web_host"]." </Limit> </Directory>";[/COLOR] .....SNIP..... $mod->tpl->assign( array( SERVERNAME => $servername.$web_port, .....SNIP..... [COLOR="Red"]SECTION => $section,[/COLOR] HTTPD_ROOT => $mod->system->server_conf["server_path_httpd_root"])); With added {SECTION} in /root/ispconfig/isp/conf/vhost.conf.master And it works fine (just still have to encrypt password)!!! My new problem is about SSL, I would like to use independant SSL for each site (on one IP server), but I cannot generate key for more than one site Maybe I am doing wrong somewhere? Waiting for a solution, I'm going to hack make_docroot() function to copy my own template for new site and add extra SQL command to initialise the needed database... "SQL init" should be done in make_docroot() or do you suggest me to use other mechanism? Then, I'll try remoting to see if I can create client + customized site as my hack does...
If I want to log and execute a command, should I use: mod->log->caselog("shell command") I have some permission problem in copying web template. I have inserted my code after line 1038 (make_docroot), copy is OK, but the files still own to root: Code: if($standard_index_page == ""){ $mod->log("web_path : ".$web_path); exec("cp -R /var/www/template/* $web_path/web"); exec("chown -R $apache_user $web_path/web/* &> /dev/null"); // $mod->log->caselog("cp -fr /root/ispconfig/isp/standard_index.html_".$go_info["server"]["lang"]." ".$web_path."/web/index.html", $this->FILE, __LINE__); I missed that: Code: $apache_user = $this->apache_user; // Replace chown with right user/group variables exec("chown -R $apache_user:web$doc_id $web_path/web/* &> /dev/null"); And file permission are OK now But, am I in the right place to use it only during the web site creation? I will also need to run SLQ commands to create database/table/user in MySQL what is your advice: call a shell script with parameters or use ISPC MySQL API (if it exists)? PS: Many of the keyworks I am looking for in this forum have only 3 characters and are removed from my search. That is why I cannont find all the info there...
make_docroot() is also called during web sites updates. You can change the database creation code in /home/admispconfig/ispconfig/lib/ispconfig_isp_datenbanken.lib.php and in the web_insert()/web_update()/web_delete() functions in /root/ispconfig/scripts/lib/config.lib.php. I've just set the limit to 3 characters.
Finally I have got everything I needed done (Auth_MySQL, Template copy for new site). Bu now I am stuck on remoting registration: it works, but as I have added a new field in isp_isp_web table for storing my Auth_MySQL password, I would like to populate it through remoting access. Unfortunately none of the fields I add in my soap_client params (modified form provided test.php) are put to the database (see in red below). Code: // Adding a Web $params = array ( 'sid' => $session_id, 'module' => 'web', 'function' => 'web_add', 'params' => array ( kunde_title => 'ClientN', // reseller_title or reseller_group web_title => 'My Site', web_host => 'nnn', web_domain => 'mydomain.com', web_ip => '192.168.0.110', web_speicher => '200', // MB web_dns => 0, web_userlimit => -1, web_domainlimit => -1, web_shell => 0, web_cgi => 0, web_standard_cgi => 0, web_php => 1, web_php_safe_mode => 1, web_ssi => 0, web_ftp => 0, web_frontpage => 0, web_mysql => 1, web_mysql_anzahl_dbs => 0, web_ssl => 0, web_anonftp => 0, web_anonftplimit => 0, web_wap => 0, web_individual_error_pages => 1, [COLOR="Red"] auth_mysql_password => 'mypass', optionen_mysql_passwort => 'testextradata', web_mailquota => 20[/COLOR] )); $web_id = $soap_client->call('service',$params); if($err = $soap_client->getError()) die("Error: ".$err); echo $web_id; I am surprised as you told me that the soap API will manage my new field as is... Oh! I discovered that it works using 'web_update' function... Is there a limitation on the number of fields populated during creation, shoud I always make an update after creation? Thanks NB: I am running PHP 5.1.2, I had to rename in test.php and soap.lib.php every soapclient into soap_client otherwise there is a Fatal error: Cannot redeclare class soapclient in soap.lib.php on line 4101 You should distribute a modified remoting pack not to redeclare soap from regular PHP one and avoid this error...
With a bad hack, I manage to bypass the problem with new field not written during remonting "add Web" in using "Update Web" (after a slip in order that web is really created). Code: client_add(); web_add(); sleep(10); web_update(); But I have this error message: Error: Client:error_web_no_database_decrease_10error_web_no_database_decrease_2error_web_no_database_decrease_10error_web_no_database_decrease_2 Do you see what is wong?
I don't think it is a problem about web site database limitation, because, it consists of modifying the already existing isp_isp_web table entry... In fact everything runs well il I call the update function after a while... I think the problem occurs when the web site is just being created. Is there a way to avoid this? Like ading the fields I need during the creating process... Thanks
The error is about database limitation. It means that you can not set the number of databases (database limit) to a value that is lower then the number of databases you created for this website.
I have tried to compare what field wasn't initialized during web creation. If found and add those: Code: web_traffic => -1, web_postgresql => 0, web_dns_mx => 0, web_mysql_anzahl_dbs => 1, web_mailuser_login => 0, web_traffic_ueberschreitung => 1, web_mysql_quota => -1, web_mailquota => -1 I also noticed that my extra field was populated only if I don't insert it at last position of the params array... I am not sure yet, but I think that the last parameter is forgotten by remoting API... Do you have the errors list and signification of remoting API? How can I test these errors?