CASE.EDU:    HOME | DIRECTORIES | SEARCH

The Web Development Blog has moved to http://www.heidicool.com/blog/. Please visit me there to read the latest entries and to update your bookmarks and RSS feeds.

April 04, 2005

Using ssi files with secured pages

Many of you are using Server Side Includes files for menus, footers, and other elements of your websites that are used on multiple pages. Learn more about ssi.

SSI files are a great time-saver when it comes to updating your site, but what happens when you want to use them in a secured environment, i.e. with a file or directory that you've secured for viewing only by authenticated users*? If you've tried this, you've noticed that your files don't work properly, your stylesheet doesn't appear, and everything looks horribly wrong. What you need for these to work properly is to secure a copy of your ssi files.

Here's how:

  1. Create a new directory (on the same level as your ssi directory) called ssi-sec
  2. Open your text-editor of choice and create a file named: .auroraaccess
  3. Within that file, type: secure on
  4. Save and exit the file and upload it to your ssi-sec directory. While this file should be saved as plain text, make sure your editor doesn't append a .txt extension to the end.
  5. Copy all of the .ssi files in your regular ssi directory to your ssi-sec directory and upload them to the server.
  6. Open the html file(s) that you are securing and change your include references from ssi to ssi-sec. For example:
    <!--#include virtual="../ssi/file.ssi" --> would change to <!--#include virtual="../ssi-sec/file.ssi" -->
  7. View your page, and just remember to update .ssi files in both folders when making future edits.

Kudos to Heidi Emick & John Sully for working out and sharing this procedure when we launched the templates.

*For more information on securing files and directories on the Aurora server visit http://www.cwru.edu:8000/apas/apas.html and login with your account ID and password. (NOT your Case ID and password) and follow the instructions for restricting a file or directory. Those maintaining websites on other servers, should consult with their server administrator for authentication instructions.

StumbleUpon Toolbar Stumble It! AddThis Social Bookmark Button


Posted by: Heidi Cool April 4, 2005 10:20 AM | Category: Heidi's Entries , Server Side Includes

Trackbacks

Trackback URL for this entry is: Using ssi files with secured pages

Comments

gravatar

As an insider note, the blog server's Apache has server side includes, too. The only catch is that you must use '.shtml' file extensions if you want to use them.

Carmen Fontana, back when she was still playing with here blog, started messing around with them -- http://blog.case.edu/ccb3/

Posted by jms18 on April 4, 2005 12:57 PM

gravatar

This is where knowing how to configure your server really comes in handy. For example. Using [HTTPD Server Name] on a *nix box you can probably symlink the files or folders so the files appear to the web server as though they are duplicated in the (un)secure location. On a Windows box, using IIS you would do this by configuring a virtual directory so it points to the correct physical location.

So far as using SSI on the blog server goes, I've become comfortable using the MTInclude directive in templates. The syntax is only marginally different from old style #include directives and keeps me from having to remember to use the .shtml extension. It will have problems if I want to include across accounts but, if I'm getting that intense I should be puting more thought into how I do stuff anyway.

Posted by dkh2 on April 4, 2005 03:15 PM

gravatar

Jeremy & Keith,
Thanks for the info. ssi or MTInclude might be handy for our various submenus or other elements we'd want to share among various template files. I'll have to experiment a bit.

Posted by Heidi on April 5, 2005 05:10 PM

gravatar

Well the MTInclude works great. I just did it with my side menu. Rebuilding the site might be annoying once we get oodles of entries. While we wouldn't have that issue using ssi, I think it's probably best to work within the system, esp. given that Kevin and I are both tinkering with the files.

Posted by Heidi on April 6, 2005 10:30 AM

Post a comment

















Posted by: hac4 (Heidi Cool) April 4, 2005 10:20 AM | Comments (4) | Trackback