Archive for October, 2008

Happy Halloween from me, Mario and the rest of the gang.  The Mario pumpkin turned out alright.  Let’s see what the Halloween kids say.

Mario Pumpkin

Comments Comments Off

I had somewhat of a second-hand demo of 3D printing technology the other day at work.  Wow…I was blown away by how a 3D printer can create a solid, detailed object and how it can also create moving parts as part of the single-run fabrication.  Here’s a video of a 3D printer fabricating a ball-bearing part.  After having a similar ball-bearing demo in my hand and playing with it, I am very impressed!  Makes me want to sharpen up on 3D modeling skills.

YouTube Preview Image

Comments 1 Comment »

In many environments, putting an Exchange 2007 front-end server directly on the Internet is not a desired configuration – either because of technical limitations or security concerns.  One solution is to have an Apache HTTP server on the network perimeter to act as a reverse proxy to an internally located Exchange 2007 server.  The following example is an Apache configuration to:

  • Redirect browsers from http://webmail.domain.com/ to the secure https://webmail.domain.com/
  • Redirect from the root of https://webmail.domain.com to https://webmail.domain.com/exchange – you may wish to redirect to /owa if you use a pure Exchange 2007 environment.
  • Any requests to the https://webmail.domain.com/* will be dynamically tunneled through Apache’s reverse proxy to the internal Exchange system and served back to the client.

The main advantage of the below configuration is that using the ReWriteRule directive with the [P] parameter (Proxy), we can avoid having many individual ProxyPass and ProxyPassReverse directives for each of the Exchange 2007 virtual directories.  Nice, clean, simple.

ProxyRequests Off
<VirtualHost webmail.domain.com:80>
  ServerAdmin hostmaster@domain.com
  ServerName webmail.domain.com
  #ErrorLog /var/log/apache2/webmail.domain.com-error_log
  #CustomLog /var/log/apache2/webmail.domain.com-access_log combined

  ProxyPreserveHost On
  RewriteEngine on
  # Redirect http traffic to https
  RewriteRule ^/(.*)$         https://webmail.domain.com/$1 [L,R]
</VirtualHost>

<VirtualHost webmail.domain.com:443>
  ServerAdmin hostmaster@domain.com
  ServerName webmail.domain.com:443
  #ErrorLog /var/log/apache2/webmail.domain.com-ssl_error_log
  #TransferLog /var/log/apache2/webmail.domain.com-ssl_access_log
  #CustomLog /var/log/apache2/webmail.domain.com-ssl_request_log ssl_combined

  SSLEngine on
  SSLProxyEngine On
  RequestHeader set Front-End-Https "On"
  ProxyPreserveHost On
  RewriteEngine on
  CacheDisable *

  # Rewrite the WWW-Authenticate header to strip out Windows Integrated
  # Authentication (NTLM) and only use Basic-Auth
  SetEnvIf User-Agent ".*MSIE.*" value BrowserMSIE
  Header unset WWW-Authenticate
  Header add WWW-Authenticate "Basic realm=webmail.domain.com"  

  # Redirect / to /exchange
  RewriteRule ^/$             https://webmail.domain.com/exchange/ [R]

  # Reverse proxy all requests to the internal Exchange 2007 server
  RewriteRule ^/(.*)          https://exchange.domain.internal/$1 [P]

  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:RC4-MD5:+HIGH:+MEDIUM:+SSLv3:+SSLv2
  SSLCertificateFile /etc/apache2/ssl.crt/webmail.domain.com.crt
  SSLCertificateKeyFile /etc/apache2/ssl.key/webmail.domain.com.key

  SetEnvIf User-Agent ".*MSIE.*"    \
  nokeepalive ssl-unclean-shutdown  \
  downgrade-1.0 force-response-1.0
</VirtualHost>

Comments 40 Comments »