Under MacOS X, the use of TCP/IP ports reserved for Web publishing (ports 0 to 1023) requires specific access privileges: only the machine’s root user can launch an application using these ports. However, the use of “root” sessions raises several issues, including security and access rights for documents generated during the session.
4th Dimension 2004 offers a new solution: a temporary root session. This new solution works as follows: the 4th Dimension Web server is initially launched in a “root” session that is opened for this purpose, but is closed soon after. This new feature can be used with 4th Dimension, 4D Server, 4D Client, 4D Runtime Single User and the 4D Engine executable applications. Keep in mind that this operation only works with the databases published on start-up.
The sequence works as detailed below:
1. The 4th Dimension application is executed using a classic user session.
2. When the Web server is launched on port 80, an alert dialog box appears telling the user that the operation is impossible. The dialog box gives the user the opportunity to modify access privileges in order to be able to launch the Web server. To do this, the user must enter an administrator name and password for the machine.
3. The user enters an administrator name and password for the machine. Using this information, 4th Dimension can modify application access privileges and set the user session as “root”.
4. The user is asked to quit and restart the application. Keep in mind that is it necessary for the Web server to be launched on application start-up: the Publish Database at Startup option must be checked in the application Preferences.
5. On start-up, the 4th Dimension application starts in root session and the Web server is automatically launched on port 80. This time, database publication is carried out correctly. If the “Allow SSL for Web Server” option is checked, the SSL port (443 by default) is also opened.
6. After a few moments, the root session is automatically closed and replaced with the session of the current user. This operation is not visible to the user. The Web server remains published and the user session continues normally. (You can replace the “root” session with a user session other than the current one by using the CLI.)
Once in place, you cannot stop, start and restart the Web server at will during a session. You cannot go from a standard user session to a “root” session (higher access privileges) without restarting the application. This mechanism only works on application startup.