httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sander Holthaus - Orange XL" <i...@orangexl.com>
Subject Re: [users@httpd] Remote User Variable
Date Mon, 02 Dec 2002 17:33:58 GMT
The problem lies in the second script. Your REMOTE_USER-variable is ONLY passed on to resoures
in or below /local/web/htdocs/coa/secure/shell. This is logical, because that is where you
said Authenticiation was required. The REMOTE_USER variable will only be availble if a client
needed to authorize itself.
An other problem could be how the script was called. Is it called by Apache or another script?

Kind Regards,
Sander Holthaus 
  ----- Original Message ----- 
  From: John Elser 
  To: users@httpd.apache.org 
  Sent: Monday, December 02, 2002 6:11 PM
  Subject: Re: [users@httpd] Remote User Variable


  Thanks for the reply!  I really appreciated it.

  The way it is working now is that the login/password box comes up when the user accesses
a script that is in /local/web/htdocs/coa/secure/shell.  That part is working fine.  But,
I have another script that eventually gets called that needs to check to see who this user
is.  This script is not in the same directory.  For some reason, the REMOTE USER variable
isn't being passed or isn't being set.

  For what I'm doing, Basic is enough security...that is, if I can tell who a particular user
is.

  Any suggestions on what could be the problem?

  Thanks again,

  John
    ----- Original Message ----- 
    From: Sander Holthaus - Orange XL 
    To: users@httpd.apache.org 
    Sent: Monday, December 02, 2002 11:11 AM
    Subject: Re: [users@httpd] Remote User Variable


    Where is that script located? It it under the directory /local/web/htdocs/coa/secure/shell?

    Also, using AuthType Basic is in no way secure. Looked at AuthType Digest yet?

    Kind regards,
    Sander Holthaus
      ----- Original Message ----- 
      From: John Elser 
      To: users@httpd.apache.org 
      Sent: Monday, December 02, 2002 4:12 PM
      Subject: [users@httpd] Remote User Variable


      I want to pass the user's login to my script.  My httpd.conf file has this:
      <Directory "/local/web/htdocs/coa/secure/shell">
      AuthType Basic
      AuthName "By Invitation Only"
      AuthUserFile /usr/local/apache/bin/apachepw
      Require user jde hml skt
      </Directory>

      I get prompted for a login and password and I'm able to login in.   I then have another
script that checks for the user name.  

      My script contains this code (the script then goes into a series of if statements):
      $uname = $ENV{'REMOTE_USER'};

      But $uname is not being set to the user's login.  

      When I installed apache, I simply downloaded the binary version of it and did a pkgadd
on my solaris 8 system.  Do I need to add an apache module and compile apache before I can
determine who gets prompted for a login and password? Or am I missing something else?

      Thanks,
      John

       
Mime
View raw message