SlideShare a Scribd company logo
Secure real-time
collaboration with
SecurePass                                               and
Etherpad
Giuseppe Paterno', IT Security Architect and CTO, GARL
Luca Oldano, Senior Network and Security Engineer, Moresi.com
What is a "Pad"
A "Pad" is an on-line web-based collaborative
real-time editor, allowing authors to
simultaneously edit a text document, and see all
of  the participants' edits in real-time, with the
ability to display each  author's text in their own
color.
Anyone can create a new collaborative
document, known as a "pad". Each pad has its
own URL and anyone who knows this URL can
edit the pad and participate in the  associated
chats. Password-protected pads are also
possible. Each participant is identified by a color
and a name.
The software auto-saves the document at regular,
short intervals, but  participants can permanently
save specific versions (checkpoints) at  any
time. A "time machine" feature allows anyone to
explore the history of the pad, going back in the
past release. The major "milestones" can also be
tagged (or "stared"). 
A great feature of some pads is that document
can be imported and exported in plain text,
HTML, Open Document, Microsoft Word, or PDF
format.


Secure real-time collaboration with                   and Etherpad
Working with "Pads"
          Working with pads is business going social:  social networks get us used to be always
          updated and connected to our community anytime and anywhere.  A pad follow that
          mindset and enables you with a simple tool to collaborate with your colleagues and
          partners while ensuring the right level of privacy online.

          Consider a pad like a clear whiteboard, open a new one and simply start writing an
          idea or a challenge. Invite your team, your partners, your external collaborators -no
          matter where they are- to share your ideas at the same time.

          Let  the pad grow with the contribution and the experience of trusted  people, every
          projects has the right team that are ready to contribute.  Review and compare the text
          with preview versions, until you'll find the answer and achieve your goal.

          Then export it, in your favourite format and share it. For example, write project
          documentations with your team through a pad and deliver it in a professional way
          using your favorite tool such as Microsoft Word.




Secure real-time collaboration with               and Etherpad
Secure real-time
collaboration
Innovate, experiment, engage your customers in an easy and
secure way. With a shared pad in a protected enviroment, it's easy focus
on core facts and forget about your information being accessed from
unauthorized users. All you have to do is following the speed of business. 

Secure cooperation with employees and partners is now possible on the
cloud with the protection of SecurePass.

Access to a pad is as easy as sharing the web adress of your pad, SecurePass
will ensure that access to information is allowed only to authorized users. 

By integrating a pad with SecurePass you will be able to:


‣identify your employees and partners in a proper way
‣limit access to your company and/or your partners (with Apache module)
‣cooperate from anywhere, also through tablets and smartphones, without
fear of loosing precious company information


 Secure real-time collaboration with                   and Etherpad
Architecture




Secure real-time collaboration with   and Etherpad
Etherpad
 Etherpad is probably the most famous
 pad server implementation: it was born
 in 2008 by some Google employees.

 Etherpad itself is implemented in
 JavaScript, through the Node,js
 application environment.

 Etherpad was the first web application
 of its kind to achieve true real-time
 performance, 

 The home page is on: http://etherpad.org




Secure real-time collaboration with         and Etherpad
Apache HTTPd
Apache will be handling all data comunication from the external world, playing an important role for securing
communication. In particular, the Apache web server will be performing the following roles:



       SSL termination


      Reverse proxy to the Etherpad web server on Node.js


       Authenticating the user using the SecurePass Web Single Sing-On feature


      Limitation of the SecurePass domains/realm for using the pad only within your company or allowing external partners

       Translating the user identity into something that Etherpad is able to understand


  We will not go in details on how to create a virtual server with the SSL feature.
  The configuration has been tested with CentOS 6.




  Secure real-time collaboration with                  and Etherpad
Apache configuration
for SecurePass
Follow the instructions on this website:
http://support.secure-pass.net/wiki/index.php/Apache
and ensure you have these values set:



 CASCookiePath /var/cache/mod_auth_cas/
 CASValidateServer Off
 CASLoginURL https://login.secure-pass.net/cas/login
 CASValidateURL https://login.secure-pass.net/cas/serviceValidate
 CASAllowWildcardCert On


In CentOS you have to create the path
 
/var/cache/mod_auth_cas/




 Secure real-time collaboration with                     and Etherpad
Apache Reverse Proxy
The following statement has to be copied
in the Apache virtual host and will reverse
proxy all the requests to the Etherpad
service, with the exception of the
administrative interface of Etherpad.


 ProxyVia On
 ProxyRequests Off
 ProxyPass /admin !
 ProxyPass / http://127.0.0.1:9001/ retry=0
 ProxyPassReverse / http://127.0.0.1:9001/
 ProxyPreserveHost on
 <Proxy *>
   Options FollowSymLinks MultiViews
   AllowOverride All
   Order allow,deny
   allow from all
 </Proxy>




 Secure real-time collaboration with          and Etherpad
Install SecurePass
Apache module
This module will introduce the feature of limiting the access
to the Etherpad to your company or the partners/companies
you wish to cooperate with.

Please download from the following site:

https://github.com/AlessandroLorenzi/mod_authz_securepass

and follow the instructions in the INSTALL file




  Secure real-time collaboration with                 and Etherpad
Configure authentication
in Apache
The following statement has to be copied in the                             <Location />
Apache virtual host and will enable:                                         AuthType CAS
                                                                              Require sprealm mycompany.com partner.net
1.       Authentication with SecurePass                                     RewriteEngine On

2.       Limit the access to the realms listed in "Require                  RewriteCond %{REMOTE_USER} (.+)
         sprealm" directive (modify as appropriate)                         RewriteRule . - [E=RU:%1]
                                                                            RequestHeader add X-Forwarded-User %{RU}e
3.       Pass the REMOTE_USER variable as the
         X-Forwarded-User header                                            Header Set Cache-Control "max-age=0, no-store"

                                                                            </Location>




     Secure real-time collaboration with                     and Etherpad
Install and Integration
Etherpad
To install Etherpad in your system, please                  Install the plugin sotauth to be able to
follow the instructions in the web site:                    identify the user via the X-Forwarded-
                                                            user HTTP header:

https://help.ubuntu.com/community/                          https://github.com/wtsi-hgi/ep_sotauth
Etherpad-liteInstallation

Note that in the website there is also an
upstart configuration file that will work                     In the Etherpad configuration file
also on CentOS 6.                                           "settings.json" enable
                                                            "requireAuthentication" and
In our installation we also used MySQL to                   "requireAuthorization"
have a more production-ready database.




  Secure real-time collaboration with        and Etherpad
Conclusions
A lot of organisations are now
adopting a collaboration tool
to improve efficiency: the easy
model of Etherpad with the
trusted protection of
SecurePass let the cloud be the
right tool to save your time and
money. 

Once the secure pad tool has
been implemented and become a
part of everyday business,
your business could rely on a new
fast way to engage with partners,
customers and your team.




  Secure real-time collaboration with   and Etherpad
Your daily
                     secure
                   business
                     online




Sponsored by



www.secure-pass.net            www.moresi.com

More Related Content

PDF
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
Matt Raible
 
PDF
10 Excellent Ways to Secure Your Spring Boot Application - The Secure Develop...
Matt Raible
 
PPTX
Managing Secrets in Production
Erik Osterman
 
PPTX
Log in to a Linux VM in Azure using AAD authentication
Takayoshi Tanaka
 
PPTX
Capture, record, clip, embed and play, search: video from newbie to ninja
Vito Flavio Lorusso
 
PDF
What the Heck is OAuth and OpenID Connect - RWX 2017
Matt Raible
 
PDF
Apache Roller, Acegi Security and Single Sign-on
Matt Raible
 
PDF
The "Holy Grail" of Dev/Ops
Erik Osterman
 
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
Matt Raible
 
10 Excellent Ways to Secure Your Spring Boot Application - The Secure Develop...
Matt Raible
 
Managing Secrets in Production
Erik Osterman
 
Log in to a Linux VM in Azure using AAD authentication
Takayoshi Tanaka
 
Capture, record, clip, embed and play, search: video from newbie to ninja
Vito Flavio Lorusso
 
What the Heck is OAuth and OpenID Connect - RWX 2017
Matt Raible
 
Apache Roller, Acegi Security and Single Sign-on
Matt Raible
 
The "Holy Grail" of Dev/Ops
Erik Osterman
 

What's hot (10)

PDF
JavaOne India 2011 - Running your Java EE 6 Apps in the Cloud
Arun Gupta
 
PPTX
GOTO Copenhagen - Radical Agility with Autonomous Teams and Microservices in ...
Jan Löffler
 
PPTX
Stups.io - an Open Source Cloud Framework for AWS
Jan Löffler
 
PDF
Az 104 session 2 implement and manage azure webapps and container
AzureEzy1
 
PDF
AZ-204 : Implement Azure security
AzureEzy1
 
PDF
Informology - Introduction to juju
Khairul Aizat Kamarudzzaman
 
PDF
Az 900 session 2-core azure services
AzureEzy1
 
PPTX
SIA319 What's Windows Server 2008 R2 Going to Do for Your Active Directory?
Louis Göhl
 
PDF
AZ-400: Define and implement continuous integration – Part 2
AzureEzy1
 
PDF
Az 104 session 3 azure compute
AzureEzy1
 
JavaOne India 2011 - Running your Java EE 6 Apps in the Cloud
Arun Gupta
 
GOTO Copenhagen - Radical Agility with Autonomous Teams and Microservices in ...
Jan Löffler
 
Stups.io - an Open Source Cloud Framework for AWS
Jan Löffler
 
Az 104 session 2 implement and manage azure webapps and container
AzureEzy1
 
AZ-204 : Implement Azure security
AzureEzy1
 
Informology - Introduction to juju
Khairul Aizat Kamarudzzaman
 
Az 900 session 2-core azure services
AzureEzy1
 
SIA319 What's Windows Server 2008 R2 Going to Do for Your Active Directory?
Louis Göhl
 
AZ-400: Define and implement continuous integration – Part 2
AzureEzy1
 
Az 104 session 3 azure compute
AzureEzy1
 
Ad

Similar to Secure real-time collaboration with SecurePass and Etherpad (20)

PDF
Wallix AdminBastion - Privileged User Management &amp; Access Control
zayedalji
 
PDF
Bloombase Spitfire Link Encryptor Server Brochure
Bloombase
 
PDF
PAN PA2000 series
Altaware, Inc.
 
PDF
PAN PA2000 series
Altaware, Inc.
 
PPT
NetOp Tech GmbH Remote Control. Education. Security
webhostingguy
 
PPT
NetOp Tech GmbH Remote Control. Education. Security
webhostingguy
 
PDF
PAN PA500
Altaware, Inc.
 
PPTX
4. tmg 2010 e uag 2010
Fabrizio Volpe
 
PDF
Microsoft Forefront - Unified Access Gateway 2010 Datasheet
Microsoft Private Cloud
 
PPTX
Windows 7 For Itpro
Eduardo Castro
 
PPTX
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
CA API Management
 
PDF
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
PDF
PAN PA4000
Altaware, Inc.
 
PPTX
Remote Access Security
syrinxtech
 
PDF
Scenatio based hacking - enterprise wireless security (Vivek Ramachandran)
ClubHack
 
PPT
Thinkfree Office Live Introduction Material En
Benedict Ji
 
PDF
White Paper: SysAid's My Desktop
SysAid Technologies
 
DOC
Serverless Thin Client
guestb980dc366
 
PDF
At8000 s configurando_8021x
NetPlus
 
PPTX
Why choose pan
Achmad Yudo
 
Wallix AdminBastion - Privileged User Management &amp; Access Control
zayedalji
 
Bloombase Spitfire Link Encryptor Server Brochure
Bloombase
 
PAN PA2000 series
Altaware, Inc.
 
PAN PA2000 series
Altaware, Inc.
 
NetOp Tech GmbH Remote Control. Education. Security
webhostingguy
 
NetOp Tech GmbH Remote Control. Education. Security
webhostingguy
 
PAN PA500
Altaware, Inc.
 
4. tmg 2010 e uag 2010
Fabrizio Volpe
 
Microsoft Forefront - Unified Access Gateway 2010 Datasheet
Microsoft Private Cloud
 
Windows 7 For Itpro
Eduardo Castro
 
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
CA API Management
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
PAN PA4000
Altaware, Inc.
 
Remote Access Security
syrinxtech
 
Scenatio based hacking - enterprise wireless security (Vivek Ramachandran)
ClubHack
 
Thinkfree Office Live Introduction Material En
Benedict Ji
 
White Paper: SysAid's My Desktop
SysAid Technologies
 
Serverless Thin Client
guestb980dc366
 
At8000 s configurando_8021x
NetPlus
 
Why choose pan
Achmad Yudo
 
Ad

More from Giuseppe Paterno' (15)

PDF
OpenStack e le nuove Infrastrutture IT
Giuseppe Paterno'
 
PDF
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
Giuseppe Paterno'
 
PDF
Let's sleep better: programming techniques to face new security attacks in cloud
Giuseppe Paterno'
 
PDF
SecurePass at OpenBrighton
Giuseppe Paterno'
 
PDF
OpenStack: Security Beyond Firewalls
Giuseppe Paterno'
 
PDF
Remote security with Red Hat Enterprise Linux
Giuseppe Paterno'
 
PDF
Il problema dei furti di identità nelle infrastrutture Cloud e possibili rimedi
Giuseppe Paterno'
 
PDF
How the Post-PC era changed IT Ubuntu for next gen datacenters
Giuseppe Paterno'
 
PDF
Filesystem Comparison: NFS vs GFS2 vs OCFS2
Giuseppe Paterno'
 
PDF
Creating OTP with free software
Giuseppe Paterno'
 
PDF
Protecting confidential files using SE-Linux
Giuseppe Paterno'
 
PDF
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Giuseppe Paterno'
 
PDF
La gestione delle identità per il controllo delle frodi bancarie
Giuseppe Paterno'
 
PDF
Identity theft in the Cloud and remedies
Giuseppe Paterno'
 
PDF
Il problema dei furti di identita' nelle infrastrutture Cloud e possibili rimedi
Giuseppe Paterno'
 
OpenStack e le nuove Infrastrutture IT
Giuseppe Paterno'
 
OpenStack Explained: Learn OpenStack architecture and the secret of a success...
Giuseppe Paterno'
 
Let's sleep better: programming techniques to face new security attacks in cloud
Giuseppe Paterno'
 
SecurePass at OpenBrighton
Giuseppe Paterno'
 
OpenStack: Security Beyond Firewalls
Giuseppe Paterno'
 
Remote security with Red Hat Enterprise Linux
Giuseppe Paterno'
 
Il problema dei furti di identità nelle infrastrutture Cloud e possibili rimedi
Giuseppe Paterno'
 
How the Post-PC era changed IT Ubuntu for next gen datacenters
Giuseppe Paterno'
 
Filesystem Comparison: NFS vs GFS2 vs OCFS2
Giuseppe Paterno'
 
Creating OTP with free software
Giuseppe Paterno'
 
Protecting confidential files using SE-Linux
Giuseppe Paterno'
 
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Giuseppe Paterno'
 
La gestione delle identità per il controllo delle frodi bancarie
Giuseppe Paterno'
 
Identity theft in the Cloud and remedies
Giuseppe Paterno'
 
Il problema dei furti di identita' nelle infrastrutture Cloud e possibili rimedi
Giuseppe Paterno'
 

Recently uploaded (20)

PDF
Chapter 1 Introduction to CV and IP Lecture Note.pdf
Getnet Tigabie Askale -(GM)
 
PDF
A Day in the Life of Location Data - Turning Where into How.pdf
Precisely
 
PDF
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
PDF
How-Cloud-Computing-Impacts-Businesses-in-2025-and-Beyond.pdf
Artjoker Software Development Company
 
PDF
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
PDF
Software Development Methodologies in 2025
KodekX
 
PPTX
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
PPT
L2 Rules of Netiquette in Empowerment technology
Archibal2
 
PDF
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
PDF
Event Presentation Google Cloud Next Extended 2025
minhtrietgect
 
PDF
Chapter 2 Digital Image Fundamentals.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
PDF
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
PDF
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
PDF
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
PDF
Why Your AI & Cybersecurity Hiring Still Misses the Mark in 2025
Virtual Employee Pvt. Ltd.
 
PDF
REPORT: Heating appliances market in Poland 2024
SPIUG
 
PDF
Building High-Performance Oracle Teams: Strategic Staffing for Database Manag...
SMACT Works
 
PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PDF
Cloud-Migration-Best-Practices-A-Practical-Guide-to-AWS-Azure-and-Google-Clou...
Artjoker Software Development Company
 
Chapter 1 Introduction to CV and IP Lecture Note.pdf
Getnet Tigabie Askale -(GM)
 
A Day in the Life of Location Data - Turning Where into How.pdf
Precisely
 
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
How-Cloud-Computing-Impacts-Businesses-in-2025-and-Beyond.pdf
Artjoker Software Development Company
 
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
Software Development Methodologies in 2025
KodekX
 
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
L2 Rules of Netiquette in Empowerment technology
Archibal2
 
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
Event Presentation Google Cloud Next Extended 2025
minhtrietgect
 
Chapter 2 Digital Image Fundamentals.pdf
Getnet Tigabie Askale -(GM)
 
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
Why Your AI & Cybersecurity Hiring Still Misses the Mark in 2025
Virtual Employee Pvt. Ltd.
 
REPORT: Heating appliances market in Poland 2024
SPIUG
 
Building High-Performance Oracle Teams: Strategic Staffing for Database Manag...
SMACT Works
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
Cloud-Migration-Best-Practices-A-Practical-Guide-to-AWS-Azure-and-Google-Clou...
Artjoker Software Development Company
 

Secure real-time collaboration with SecurePass and Etherpad

  • 1. Secure real-time collaboration with SecurePass and Etherpad Giuseppe Paterno', IT Security Architect and CTO, GARL Luca Oldano, Senior Network and Security Engineer, Moresi.com
  • 2. What is a "Pad" A "Pad" is an on-line web-based collaborative real-time editor, allowing authors to simultaneously edit a text document, and see all of  the participants' edits in real-time, with the ability to display each  author's text in their own color. Anyone can create a new collaborative document, known as a "pad". Each pad has its own URL and anyone who knows this URL can edit the pad and participate in the  associated chats. Password-protected pads are also possible. Each participant is identified by a color and a name. The software auto-saves the document at regular, short intervals, but  participants can permanently save specific versions (checkpoints) at  any time. A "time machine" feature allows anyone to explore the history of the pad, going back in the past release. The major "milestones" can also be tagged (or "stared").  A great feature of some pads is that document can be imported and exported in plain text, HTML, Open Document, Microsoft Word, or PDF format. Secure real-time collaboration with and Etherpad
  • 3. Working with "Pads" Working with pads is business going social:  social networks get us used to be always updated and connected to our community anytime and anywhere.  A pad follow that mindset and enables you with a simple tool to collaborate with your colleagues and partners while ensuring the right level of privacy online. Consider a pad like a clear whiteboard, open a new one and simply start writing an idea or a challenge. Invite your team, your partners, your external collaborators -no matter where they are- to share your ideas at the same time. Let  the pad grow with the contribution and the experience of trusted  people, every projects has the right team that are ready to contribute.  Review and compare the text with preview versions, until you'll find the answer and achieve your goal. Then export it, in your favourite format and share it. For example, write project documentations with your team through a pad and deliver it in a professional way using your favorite tool such as Microsoft Word. Secure real-time collaboration with and Etherpad
  • 4. Secure real-time collaboration Innovate, experiment, engage your customers in an easy and secure way. With a shared pad in a protected enviroment, it's easy focus on core facts and forget about your information being accessed from unauthorized users. All you have to do is following the speed of business.  Secure cooperation with employees and partners is now possible on the cloud with the protection of SecurePass. Access to a pad is as easy as sharing the web adress of your pad, SecurePass will ensure that access to information is allowed only to authorized users.  By integrating a pad with SecurePass you will be able to: ‣identify your employees and partners in a proper way ‣limit access to your company and/or your partners (with Apache module) ‣cooperate from anywhere, also through tablets and smartphones, without fear of loosing precious company information Secure real-time collaboration with and Etherpad
  • 6. Etherpad Etherpad is probably the most famous pad server implementation: it was born in 2008 by some Google employees. Etherpad itself is implemented in JavaScript, through the Node,js application environment. Etherpad was the first web application of its kind to achieve true real-time performance,  The home page is on: http://etherpad.org Secure real-time collaboration with and Etherpad
  • 7. Apache HTTPd Apache will be handling all data comunication from the external world, playing an important role for securing communication. In particular, the Apache web server will be performing the following roles: SSL termination Reverse proxy to the Etherpad web server on Node.js Authenticating the user using the SecurePass Web Single Sing-On feature Limitation of the SecurePass domains/realm for using the pad only within your company or allowing external partners Translating the user identity into something that Etherpad is able to understand We will not go in details on how to create a virtual server with the SSL feature. The configuration has been tested with CentOS 6. Secure real-time collaboration with and Etherpad
  • 8. Apache configuration for SecurePass Follow the instructions on this website: http://support.secure-pass.net/wiki/index.php/Apache and ensure you have these values set: CASCookiePath /var/cache/mod_auth_cas/ CASValidateServer Off CASLoginURL https://login.secure-pass.net/cas/login CASValidateURL https://login.secure-pass.net/cas/serviceValidate CASAllowWildcardCert On In CentOS you have to create the path   /var/cache/mod_auth_cas/ Secure real-time collaboration with and Etherpad
  • 9. Apache Reverse Proxy The following statement has to be copied in the Apache virtual host and will reverse proxy all the requests to the Etherpad service, with the exception of the administrative interface of Etherpad. ProxyVia On ProxyRequests Off ProxyPass /admin ! ProxyPass / http://127.0.0.1:9001/ retry=0 ProxyPassReverse / http://127.0.0.1:9001/ ProxyPreserveHost on <Proxy *> Options FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Proxy> Secure real-time collaboration with and Etherpad
  • 10. Install SecurePass Apache module This module will introduce the feature of limiting the access to the Etherpad to your company or the partners/companies you wish to cooperate with. Please download from the following site: https://github.com/AlessandroLorenzi/mod_authz_securepass and follow the instructions in the INSTALL file Secure real-time collaboration with and Etherpad
  • 11. Configure authentication in Apache The following statement has to be copied in the <Location /> Apache virtual host and will enable: AuthType CAS Require sprealm mycompany.com partner.net 1. Authentication with SecurePass RewriteEngine On 2. Limit the access to the realms listed in "Require RewriteCond %{REMOTE_USER} (.+) sprealm" directive (modify as appropriate) RewriteRule . - [E=RU:%1] RequestHeader add X-Forwarded-User %{RU}e 3. Pass the REMOTE_USER variable as the X-Forwarded-User header Header Set Cache-Control "max-age=0, no-store" </Location> Secure real-time collaboration with and Etherpad
  • 12. Install and Integration Etherpad To install Etherpad in your system, please Install the plugin sotauth to be able to follow the instructions in the web site: identify the user via the X-Forwarded- user HTTP header: https://help.ubuntu.com/community/ https://github.com/wtsi-hgi/ep_sotauth Etherpad-liteInstallation Note that in the website there is also an upstart configuration file that will work In the Etherpad configuration file also on CentOS 6. "settings.json" enable "requireAuthentication" and In our installation we also used MySQL to "requireAuthorization" have a more production-ready database. Secure real-time collaboration with and Etherpad
  • 13. Conclusions A lot of organisations are now adopting a collaboration tool to improve efficiency: the easy model of Etherpad with the trusted protection of SecurePass let the cloud be the right tool to save your time and money.  Once the secure pad tool has been implemented and become a part of everyday business, your business could rely on a new fast way to engage with partners, customers and your team. Secure real-time collaboration with and Etherpad
  • 14. Your daily secure business online Sponsored by www.secure-pass.net www.moresi.com