Table of Contents
bifernoadmin is a Web-based service that allows the remote administration and management of a Biferno application. The bifernoadmin interface can be accessed from any Web browser. Bifernoadmin itself is an application entirely written in the Biferno language.
The concept of application in Biferno is described in "Biferno: Language Guide". We assume that the reader is in general terms familiar with the general design principles of the Biferno system and of Biferno applications as described in the document above, which can be downloaded from the www.biferno.it site.
bifernoadmin is part of the standard installation of the Biferno
software, but can not be accessed until it is configured as described in
Section 4, “Configuration and Security Notes”. The bifernoadmin application is located in a
folder called bifernoadmin. This folder contains all
scripts implementing the functionality of the service.
The bifernoadmin folder can be found in the
BifernoHome folder of the machine where Biferno has
been installed.
What is BifernoHome?
BifernoHome is the main folder used by Biferno
for its general configuration and for storing several files that are
necessary to its proper operation (log files, mail spool files, etc.). The
location of BifernoHome depends on the operating
system:
Linux: the path to
BifernoHomeis/home/BifernoHomeMacOSX: the path to
BifernoHomeis/Users/BifernoHomeWindows: the path to
BifernoHomeis specified by the user at installation time (default:[Program files]\Biferno\BifernoHome).MacOS Classic:
BifernoHomeis the path of the folder namedBifernoHomeat the first level of the startup disk ([startup disk]:BifernoHome).
On all operating systems the path of the
BifernoHome folder can be queried using the
biferno.home property from a Biferno script.
BifernoHome contains the main
application that is the common parent of all other applications. We refer
to the "Biferno: Language Guide" document for the concept of subapplication and for
further details on the role of BifernoHome.
bifernoadmin for a particular application can be accessed by accessing
the URL of the folder containing that application followed by the string
bifernoadmin/index.bfr.
The following URL will allow to administer the application contained in
the MyApplication folder in the
www.mysite.com site:
https://www.mysite.com/MyApplication/bifernoadmin/index.bfr
The index.bfr string can be omitted if the
DirectoryIndex directive has been set correctly for the
Web server by specifying a filename of index.bfr as one
of the alternatives that the Web server should use when a URL specifies only
a directory.
The use of the HTTPS protocol instead of
HTTP is covered in Section 4, “Configuration and Security Notes”.
Notice that there is no bifernoadmin folder in the
MyApplication folder. Instead, the
bifernoadmin folder is in
BifernoHome. The trick here is that Biferno
automatically intercepts all URLs containing the
bifernoadmin string and redirects them to
[BifernoHome]/bifernoadmin/index.bfr. This mechanism
allows avoiding to replicate the bifernoadmin folder in
every application, which would be a waste of disk space and, more
importantly, a code maintenance nightmare.
For this reason the bifernoadmin string is a
Biferno reserved word and cannot be used to name our scripts or folders
containing our scripts.
bifernoadmin provides four fundamental tools:
Admin (see Chapter 2, Admin) allows to modify the application preferences and to execute a flush (cache flushing) or reload (reinitialization) of the application itself (see "Biferno: Language Guide" for an explanation of the flush and reload operations.
Edit (see Chapter 3, Edit) is used to read and modify application files allowing to add and correct the scripts that implement the application.
Reference (see Chapter 4, Reference) provides online documentation for all Biferno classes and functions, and allows to write documentation for user classes and functions.
Cache (see Chapter 5, Cache) supports cache management, allows to delete individual files from the application cache and to browse through the latest file access statistics.
All these tools are described in detail in the rest of this document.
Access to bifernoadmin should be reserved to the application developer or the system administrator to avoid intrusion and possible damage. A malicious user could e.g. execute a reload of the application at an inappropriate moment or, in the worst scenario, modify files on our site using the editing functionality. Security should be a concern, and this section dwells on the protection mechanisms that the bifernoadmin offers, and on the various settings that influence the security policy of bifernoadmin.
To ensure adequate protection bifernoadmin works on three separate levels.
Even before verifying the user identity, bifernoadmin compares the
protocol used by the request with the list of allowed protocols. Allowed
protocols are listed in the ADMIN_PROTOCOL application
variable defined in the Biferno.config.bfr file for
the application at hand, as in:
ADMIN_PROTOCOL = "https"
With the above value for ADMIN_PROTOCOL, the only
allowed protocol is HTTPS (Secure HTTP, an
implementation of HTTP over SSL, the Secure Socket Layer). In the HTTPS
protocol data is encrypted before transmission between a browser and a Web
server, which makes it more difficult to intercept or alter data in transit.
HTTPS is more secure than plain HTTP.
If the application configuration is such that HTTPS is the only protocol allowed and an attempt to connect to bifernoadmin via plain HTTP is made, the following screen is displayed:
If ADMIN_PROTOCOL is defined as:
ADMIN_PROTOCOL = "https, http"
or
ADMIN_PROTOCOL = "*"
access via plain HTTP (or via any protocol in the last case) is allowed. Notice that this is a security risk, because data (including password) are transmitted in clear.
The use of HTTPS requires some additional work on the system administration side for the configuration of a secure Web server (i.e. a Web server supporting HTTPS).
Notice that bifernoadmin must be installed on the same machine as the application to be managed. This may require the presence of both an HTTP and an HTTPS server on the same machine if the HTTPS protocol is used only for application management via bifernoadmin.
When first installed, Biferno initializes the
ADMIN_PROTOCOL variable to the
"https" value.
Once it has been established that an access attempt is using an allowed
protocol, bifernoadmin verifies that the IP address originating the request
is within the IP range defined in the ADMIN_IP application
variable. This variable, defined in Biferno.config.bfr
as all variables controlling bifernoadmin configuration, should be set to
an IP address, as in:
ADMIN_IP = "195.136.128.10"
or and IP address range, as in:
ADMIN_IP = "195.136.128.10, 192.128.137.*"
The second example allows access originating from all IP addresses where the first three octets are 192, 128, and 137 respectively, plus the single IP address 195.136.128.10. If an access attempt is made from the unauthorized IP 192.168.10.20, the following error screen is displayed:
Using this mechanism, bifernoadmin will accept only connection requests originating from authorized IP. This will work as long as the IP source address in incoming IP packets is not maliciously altered, which is not trivial but could possibly be done by a malicious attacker using host impersonation techniques.
In some cases one must take into account that the IP address of a
machine that needs to connect to bifernoadmin for application management
purposes may change over time. This happens e.g. when the machine connects
to the Internet via an ISP that dynamically assigns the machine a new IP
address at every connection. If it is really necessary to access
bifernoadmin from a machine that can not be assigned a static IP address,
one may have to define an IP range for ADMIN_IP as the
second example above. This allows an entire subnet to connect to
bifernoadmin, which is a security risk.
Finally, notice that connection requests from within a network that is connected to the Internet via a router that uses NAT (Network Address Translation) will appear to the Web server as originating from the router's IP. Enabling access from the router's IP is equivalent to enable access from the entire network "hidden" behind the router and allows any machine behind the router to bypass the IP source check done by bifernoadmin.
When first installed, Biferno initializes the ADMIN_IP
variable to the "" (empty string), which
does not allow access from any IP.
The last check performed by bifernoadmin is the password check. If the protocol and source IP checks have been passed, the login window is displayed.
Password input is requested to proceed, and a link is provided to the Biferno Reference service, which is the only bifernoadmin service that has is not password-restricted and is available for all users (nevertheless Reference will request input of the bifernoadmin password to allow modification of the documentation).
The service also reminds us that is is necessary to enable cookies in our browser to access bifernoadmin.
The requested password is the one defined in the
ADMIN_PASSWORD variable, e.g.:
ADMIN_PASSWORD = "mypassword"
When first installed, Biferno initializes the
ADMIN_PASSWORD variable to the
"" (empty string) value, which does not
allow access to anybody.
Note
From a security point of view, it is a good idea to avoid writing the password
in clear text in the Biferno.config.bfr file, because
the content of this file is displayed every time the Admin application is
accessed. An alternative is to write the password in a separate text file, say
passw.x.bfr and to insert in the configuration file the
following line:
ADMIN_PASSWORD = file("passw.x.bfr",,r).Get()
Notice the .x.bfr extension for the file containing the
password, which prevents access via the web to this file (see note "File protection" in chapter 9 "Applications" of "Biferno: Language Guide"). The
passw.x.bfr file should have permissions that allow
access only for the biferno user.
Even better is to base-64 encode the password in the password file (e.g. by
writing in the password file the result of the HTUUEncode
method), and to use the following line in Biferno.config.bfr:
ADMIN_PASSWORD = file("passw.x.bfr",,r).Get().HTUUDecode()
If we digit the wrong password, the “Sorry, invalid password. Please try again.” message is displayed.
Finally, after eventually modifying ADMIN_PASSWORD and
providing the correct password, we can access the first bifernoadmin
page.
Important Note
After modifying either the ADMIN_PROTOCOL,
ADMIN_IP, or ADMIN_PASSWORD variables, it is
necessary to execute a reload of the application to
make effective the modifications. On the other hand, one does not have
access (yet) to bifernoadmin to execute a reload.
There are two ways to go around this:
If it is the first time we configure bifernoadmin, we should execute a Biferno reload without using bifernoadmin. On Linux or MacOSX use the following command from a terminal window as root:
bifernoctl reload. On Windows select the “Reload Biferno” item from the “Biferno” menu of the BifernoCtl application. On MacOS Classic press the “Reload” button of the Biferno windows integrated in the Web server (details of this commands are described in "Biferno: Installation and Administration Guide").If the application we want to manage is a subapplication of a parent application that has already been configured for bifernoadmin, it will be sufficient to enter the bifernoadmin of the parent application and reload the parent. A reload of the parent implies a reload of all children applications, including the one we want to configure. All applications are children of the main application, i.e. the one contained in BifernoHome. Executing a reload or flush on the main application is the same as executing it on all applications.
Once authenticated in bifernoadmin, we are automatically seen by
Biferno as if our IP address would be among those defined by the
DEVELOPER_IP variable (see "Biferno: Language Guide" for details on
DEVELOPER_IP).
In summary, the bifernoadmin authentication process has the goal of preventing intruders from accessing the remote application management facilities provided by the bifernoadmin application. It is up to the system administrator to choose the appropriate trade-off between enforced level of security and ease-of-use in compliance with the site security policy.