ServerTokens OS

ServerRoot "/etc/httpd"

PidFile run/httpd.pid

Timeout 120

KeepAlive Off

MaxKeepAliveRequests 100

KeepAliveTimeout 15


<IfModule prefork.c>
StartServers       8
MinSpareServers    5
MaxSpareServers   20
ServerLimit      256
MaxClients       256
MaxRequestsPerChild  4000
</IfModule>

<IfModule worker.c>
StartServers         2
MaxClients         150
MinSpareThreads     25
MaxSpareThreads     75 
ThreadsPerChild     25
MaxRequestsPerChild  0
</IfModule>

Listen 80


NameVirtualHost *:80
<VirtualHost *:80>
	ServerName billiards.sdsc.edu

	# This works to redirect everything on billiards to tomcat
	# ProxyPass / ajp://billiards.sdsc.edu:9009/
	# ProxyPassReverse / ajp://billiards.sdsc.edu:9009/

	# ProxyPass /terri/portal2 ajp://billiards.sdsc.edu:9009/portal2
	# ProxyPassReverse /terri/portal2 http://billiards.sdsc.edu/portal2
	# ProxyPass /terri/portal2 ajp://billiards.sdsc.edu:9009/portal2

</VirtualHost>

# billiards1 is Terri's
<VirtualHost *:80>
	ServerName billiards1.sdsc.edu

	# Shibboleth service handlers are by default located under /Shibboleth.sso.
	# The tomcat app needs to redirect to them (eg. to /Shibboleth.sso/Logout) 
	# and it's much simpler to have tomcat use urls that are under the approot (i.e. "portal2").
	# So we let tomcat use /portal2/Shibboleth.sso/Logout and we have apache
	# redirect the browser to /Shibboeth.sso/Logout with this rewrite rule.
	#
	# In shibboleth2.xml I set <Sessions handlerSSL="true">.  This gets rid of the warning about sending
	# data in the clear, but it means the Shibboleth.sso url must be an https url.
	RewriteEngine on
	RewriteRule (.*)/portal2/Shibboleth.sso/LocalLogout https://billiards1.sdsc.edu/Shibboleth.sso/LocalLogout?return=http://billiards1.sdsc.edu/portal2 [R]
	RewriteRule (.*)/portal2/Shibboleth.sso/Logout https://billiards1.sdsc.edu/Shibboleth.sso/Logout?return=http://billiards1.sdsc.edu/portal2 [R]
	RewriteRule (.*)/portal2/Shibboleth.sso/(.*) https://billiards1.sdsc.edu/Shibboleth.sso/$2 [R]

	# TESTING OUT A CHANGE: commented out these ProxyPass lines and having them only in ssl.conf
	# to see if I can make the site available only over ssl.

	# Everything else under /portal2 is sent to tomcat.
	# ProxyPass /portal2 ajp://billiards.sdsc.edu:9004/portal2
	# ProxyPassReverse /portal2  ajp://billiards.sdsc.edu:9004/portal2

	# ProxyPass /wbapplet ajp://billiards.sdsc.edu:9004/wbapplet
	# ProxyPassReverse /wbapplet  ajp://billiards.sdsc.edu:9004/wbapplet

	# REST Service should not be available EXCEPT over https.  See conf.d/ssl.conf
	# ProxyPass /cipresrest ajp://billiards.sdsc.edu:9004/cipresrest
	# ProxyPassReverse /cipresrest  ajp://billiards.sdsc.edu:9004/cipresrest

	# Rest client and restusers don't require ssl.
	ProxyPass /restclient ajp://billiards.sdsc.edu:9004/restclient
	ProxyPassReverse /restclient  ajp://billiards.sdsc.edu:9004/restclient
	ProxyPass /restusers ajp://billiards.sdsc.edu:9004/restusers
	ProxyPassReverse /restusers  ajp://billiards.sdsc.edu:9004/restusers

	ErrorLog logs/terri_error.log
	CustomLog logs/terri_access.log combined
</VirtualHost>

# billiards2 is Jeff's
<VirtualHost *:80>
	ServerName billiards2.sdsc.edu

	RewriteEngine on
	RewriteRule (.*)/portal2/Shibboleth.sso/(.*) https://billiards2.sdsc.edu/Shibboleth.sso/$2 [R]

	ProxyPass /portal2 ajp://billiards.sdsc.edu:9013/portal2
	ProxyPassReverse /portal2  ajp://billiards.sdsc.edu:9013/portal2

	ProxyPass /wbapplet ajp://billiards.sdsc.edu:9013/wbapplet
	ProxyPassReverse /wbapplet  ajp://billiards.sdsc.edu:9013/wbapplet

	ErrorLog logs/jeff_error.log
	CustomLog logs/jeff_acess.log combined
</VirtualHost>

# billiards3 is Test 
<VirtualHost *:80>
	ServerName billiards3.sdsc.edu

	RewriteEngine on
	RewriteRule (.*)/portal2/Shibboleth.sso/LocalLogout https://billiards3.sdsc.edu/Shibboleth.sso/LocalLogout?return=http://billiards3.sdsc.edu/portal2 [R]
	RewriteRule (.*)/portal2/Shibboleth.sso/Logout https://billiards3.sdsc.edu/Shibboleth.sso/Logout?return=http://billiards3.sdsc.edu/portal2 [R]
	RewriteRule (.*)/portal2/Shibboleth.sso/(.*) https://billiards3.sdsc.edu/Shibboleth.sso/$2 [R]

	ProxyPass /portal2 ajp://billiards.sdsc.edu:7072/portal2
	ProxyPassReverse /portal2  ajp://billiards.sdsc.edu:7072/portal2

	ProxyPass /wbapplet ajp://billiards.sdsc.edu:7072/wbapplet
	ProxyPassReverse /wbapplet  ajp://billiards.sdsc.edu:7072/wbapplet

	ErrorLog logs/test_error.log
	CustomLog logs/test_access.log combined
</VirtualHost>


LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so


Include conf.d/*.conf


User portal2test
Group ngbw 


ServerAdmin root@localhost

ServerName billiards.sdsc.edu:80

UseCanonicalName On

DocumentRoot "/var/www/html"

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>


<Directory "/var/www/html">

    Options Indexes FollowSymLinks

    AllowOverride None

    Order allow,deny
    Allow from all

</Directory>

<IfModule mod_userdir.c>
    #
    # UserDir is disabled by default since it can confirm the presence
    # of a username on the system (depending on home directory
    # permissions).
    #
    UserDir disable

    #
    # To enable requests to /~user/ to serve the user's public_html
    # directory, remove the "UserDir disable" line above, and uncomment
    # the following line instead:
    # 
    #UserDir public_html

</IfModule>


DirectoryIndex index.html index.html.var

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

TypesConfig /etc/mime.types

DefaultType text/plain

<IfModule mod_mime_magic.c>
    MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off



ErrorLog logs/error_log

LogLevel debug

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent




CustomLog logs/access_log combined

ServerSignature On

Alias /icons/ "/var/www/icons/"

<Directory "/var/www/icons">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_dav_fs.c>
    # Location of the WebDAV lock database.
    DAVLockDB /var/lib/dav/lockdb
</IfModule>

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>



IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif


ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw

LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW

ForceLanguagePriority Prefer Fallback

AddDefaultCharset UTF-8



AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz



AddHandler type-map var

AddType text/html .shtml
AddOutputFilter INCLUDES .shtml




Alias /error/ "/var/www/error/"

<IfModule mod_negotiation.c>
<IfModule mod_include.c>
    <Directory "/var/www/error">
        AllowOverride None
        Options IncludesNoExec
        AddOutputFilter Includes html
        AddHandler type-map var
        Order allow,deny
        Allow from all
        LanguagePriority en es de fr
        ForceLanguagePriority Prefer Fallback
    </Directory>


</IfModule>
</IfModule>

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully


# Show this when tomcat is down.  We don't know whether it's planned or not.
ErrorDocument 503 /503page.html