SIFTER Realms

SIFTER Realms



When a data administrator uses a SIFTER Perl script, there must be some way to tell the software where the SIFTER web server is located.

When software executes on a SIFTER web server, it must somehow be told where the database is.

Both of these issues are solved by specifying a SIFTER realm. This is simply a name for a particular SIFTER web server and a particular SIFTER database server. There are two realm files, a client realm file and a server realm file.

The paragraphs below also explain how to create the realm files.


Client Side

The client realm is described by a file on the user's system. The location of this file is set when the client software is installed and is only used by client programs (e.g. programs invoked by the data administrator) and not the analysts using the web interface.

It is typically a world-readable file and might reside in some convenient directory like /usr/local/etc/sifter. In this directory there is a file for each realm that is defined for all SIFTER analysts and data administrators. The name of the file is the same as the realm name. For instance, the realm name might be 'Progeria' and would be found in the file /usr/local/etc/sifter/Progeria. The client realm files look like:

  url=https://some-host.some-domain.com/sifter-prog/
  realm=Progeria

This file specifies the URL where the SIFTER web files we are going to use are installed. The URL keyword is a standard web URL and should require a userid and password to prevent outsiders from accessing the web pages (i.e. an '.htaccess' file has been installed in the directory).

Creating the Client Realm File

To create the client realm file, enter the invoke the script makesifterrealmfile.pl in the perl/scripts directory and specify the directory where the client realm information is kept:

  cd ~/src/sifter-1.00          # Start in SIFTER distribution directory

  ~/dev/sifter-1.00> perl perl/scripts/makesifterrealmfile.pl -client path_to_clientdir

This will prompt you for the relevent client realm information and create the directory and realm file. This will define the URL for this realm, so the directory you provide should be available to all SIFTER clients - those who will load data into the system, not end users who are using their web browsers.

User Realm File

Each user will be expected to provide a SIFTER user realm file which contains a userid and password in order to access each URL. This access information is saved in a file that is private for each user. On Unix systems we assume the file .sifter/user.cfg exists in the home directory for each SIFTER user. Be sure to set the access rights and permissions for this directory properly (e.g. chmod 700 ~/.sifter). The user.cfg file looks like

  Progeria_realm=Progeria
  Progeria_username=my-userid
  Progeria_password=my-secret

This file is read and the username and password values are used when accessing the SIFTER CGI scripts located at the URL specified in the client realm file. Analysts may access different installations of SIFTER. The realms that are available to them are specified in the client realm files (e.g. /usr/local/etc/sifter/*). If the user accesses more than one SIFTER project at different URLs, the user realm file will contain a separate set of three lines for each realm. Each line of the three will have a prefix of the realm name (followed by an underscore).

Creating the Client User File

To create the client realm file, enter the invoke the script makesifterrealmfile.pl and specify the directory where the client realm information is kept:

  ~> makesifterrealmfile.pl

This will prompt for the relevent client user information and create the directory and user file. This should be done by all SIFTER clients - those who will load data into the system, not end users who are using their web browsers.

Server Side

The server realm is described by a file on the server system. The location of this file is set when the server software is installed. It is typically in an file which is only readable by the web server account and might reside in the conf directory where other Apache configuration files reside. Each SIFTER project will use a different server realm. The server realm file looks like:

  realm=Progeria
  db_dsn=dbi:Sybase:server=my-database-host;database=progeria_db
  db_uid=sifter_database_user
  db_pwd=sifter_secret

This contains information used by the CGI scripts so they can access the database directly. The details of these lines will vary depending on the actual database being used. The name of this file is the same as the realm name.

During the installation of the server software, the CGI script soap.cgi will be modified to use the realm for this particular web installation. This is how a particular URL knows which database to access.

Creating the Server Realm File

To create the server realm file, enter the invoke the script makesifterrealmfile.pl in the perl/scripts directory and specify the directory where the server realm information is kept:

  cd ~/src/sifter-1.00          # Start in SIFTER distribution directory

  ~/dev/sifter-1.00> perl perl/scripts/makesifterrealmfile.pl -server path_to_serverdir

This will prompt for the relevent server realm information and create the directory and realm file. This defines the data needed to access the SIFTER database. Be sure this directory has the proper security settings - it should only be readable by the CGI scripts on the web server.

Version=$Id: realm.html,v 1.6 2002/09/13 16:53:28 tpg Exp $