back to contents

Document Junction Installation

Security

The system leverages Unix and Apache security features and modules. The risk exposure is quite low since very little PHP is performed on the server.

Most of the editing technology is implemented in JavaScript code in the browser.

Limitations

While the system is easy to use, it does have drawbacks, also owing to its simplicity.

Management of write permissions in the config file is a bit clunky.

Installation

Untar the DocumentJunction.tar file in a subdirectory served by Apache or other web server with PHP capabilities.

Change the root (document) directory to be owned by your appropriate Apache Web server account.

chown -R www root

Edit the config.php file to indicate:

• $root : a pointer to your root document folder
• $user_flag : which $_SERVER variable to read for your userid for write purposes (see Password Control section below)
• $user_backups : set to true if you want revision control backups
• $user_symlinks : set to true to link the boilerplate.php rather than copying it to each PHP file
• $user_viewmessage : set the text to any message you wish to indiciate how to link to DocumentJunciton in the tail of the document

Then in users.php you will set an array

• $user_super['userid'][]= path : an array of super users who have write capabilties in the system, this is described in Password Controls below.

The system is now usable.

Password Controls

Password mechanisms supported are enterprise-technologies like ADFS (Apache+Mellon), OpenID Connect and also simple standalone .htaccess Digest.

Enterprise authentication technologies can be used to secure all access or just write access, depending on how you configure the system.

By default, the system is world-readable but only trusted-user-writable.

To secure all read/write access to those who can login, set your ADFS or OpenID Connection to protect the root of the system, and set the config.php's

$user_flag = 'MELLON_samaccountname';

To secure all read/write access using .htaccess Digest, set $user_flag = 'REMOTE_USER' in config.php, and add an .htaccess with the appropriate controls in scripts/login subdirectory system. See .htaccess_sample in that directory, but you must add a full specified path file for you .htpasswd file. Then use the command: htaccess -cu .htaccess johnsmith to create a pssword file containing johnsmith userid.

To grant a user write access, edit the config.php file and set:

$user_super['jblow'][ ] = 'root/';

$user_super['psmith'][ ] = 'root/localdocs/'; // first directory for this user

$user_super['psmith'][ ] = 'root/otherdocs/'; // permissions on a separate directory

Page Header and Footer

It is easy to add a custom header and footer to each page. Simply edit the raw HTML in the files ./root/header.html and ./root/footer.html

You can include any text, images, etc. as desired.

Editing the CSS

The CSS for all documents can be edited to change the look of your documents, it's located in ./pages.css

Acknowledgements

DocumentJunction is written by Erick Engelke and uses the following software.

• QuillJS
• Elevate Web Builder (commercial compiler + library)
• Nice (commercial) Programming Library
• PHP
• FontAwesome