diff --git a/Dockerfile b/Dockerfile
index b0529616..56821af7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,6 +11,9 @@
FROM docker.io/centos:7
+ENV LANG en_US.UTF-8
+ENV LC_ALL en_US.UTF-8
+
ARG TAG
WORKDIR /tmp
diff --git a/main/config_default/httpd-idds-443-py39-cc7.conf b/main/config_default/httpd-idds-443-py39-cc7.conf
index ffb5b3d1..8f5ef019 100644
--- a/main/config_default/httpd-idds-443-py39-cc7.conf
+++ b/main/config_default/httpd-idds-443-py39-cc7.conf
@@ -39,6 +39,7 @@ WSGIPythonPath /opt/idds/lib/python3.9/site-packages
Listen 8443
+Listen 8080
RewriteEngine on
RewriteCond %REQUEST_METHOD ^(TRACE|TRACK)
@@ -82,12 +83,67 @@ Alias "/monitor" "/opt/idds/monitor/data"
+ GridSiteIndexes on
+ # GridSiteAuth on
+ GridSiteDNlists /etc/grid-security/dn-lists/
+ GridSiteGSIProxyLimit 16
+ GridSiteEnvs on
+ GridSiteACLPath /opt/idds/etc/idds/rest/gacl
+ # GridSiteMethods GET
+
+
+
+ # Order deny,allow
+ # Allow from all
+ # Require all granted
+
+
+
+ Order deny,allow
+ Allow from all
+ Require all granted
+
+
+
+ Order deny,allow
+ Allow from all
+ Require all granted
+
+
+
+ Order deny,allow
+ Allow from all
+ Require all granted
+ DirectoryIndex dashboard.html
+ DirectoryIndex index.html
+
+
+
+
+ # ServerName aipanda182.cern.ch:8080
+ ServerAdmin wguan@cern.ch
+
+ LogLevel debug
+ ErrorLog /var/log/idds/httpd_error_log
+ TransferLog /var/log/idds/httpd_access_log
+
+ # Proxy authentication via mod_gridsite
+
GridSiteIndexes on
GridSiteAuth on
GridSiteDNlists /etc/grid-security/dn-lists/
GridSiteGSIProxyLimit 16
GridSiteEnvs on
GridSiteACLPath /opt/idds/etc/idds/rest/gacl
+
+
+
+ GridSiteIndexes on
+ # GridSiteAuth on
+ GridSiteDNlists /etc/grid-security/dn-lists/
+ GridSiteGSIProxyLimit 16
+ GridSiteEnvs on
+ GridSiteACLPath /opt/idds/etc/idds/rest/gacl
# GridSiteMethods GET
diff --git a/main/lib/idds/rest/v1/app.py b/main/lib/idds/rest/v1/app.py
index 7c979085..cd7c4585 100644
--- a/main/lib/idds/rest/v1/app.py
+++ b/main/lib/idds/rest/v1/app.py
@@ -92,6 +92,12 @@ def before_request_auth():
if auth_type in ['x509_proxy']:
dn = flask.request.environ.get('SSL_CLIENT_S_DN', None)
client_cert = flask.request.environ.get('SSL_CLIENT_CERT', None)
+ dn = dn.strip()
+ client_cert = client_cert.strip()
+ if not dn or len(dn) == 0:
+ dn = flask.request.headers.get('SSL_CLIENT_S_DN', default=None)
+ if not client_cert or len(client_cert) == 0:
+ client_cert = flask.request.headers.get('SSL_CLIENT_CERT', default=None)
is_authenticated, errors, username = authenticate_x509(vo, dn, client_cert)
if not is_authenticated:
return generate_failed_auth_response(errors)
diff --git a/main/tools/env/install_packages.sh b/main/tools/env/install_packages.sh
index 70d615b8..bc83ebed 100755
--- a/main/tools/env/install_packages.sh
+++ b/main/tools/env/install_packages.sh
@@ -1,4 +1,4 @@
-$'#!/bin/bash
+#!/bin/bash
set -m
for package in common main client workflow doma atlas website monitor ;
do