httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Elser" <jEl...@ck8.uscourts.gov>
Subject Re: [users@httpd] Remote User Variable
Date Tue, 03 Dec 2002 17:41:29 GMT
My secured area is set up as /local/web/htdocs/coa/secure/shell.  This script then calls a
script that is in /cgi-bin.  But, from what you are telling me, the REMOTE USER variable will
not get passed to the script in /cgi-bin.  When I move my other script out of the /cgi-bin
directory and put it under the /local/web/htdocs/coa/secure/shell directory, it doesn't execute.
 I merely displays the script instead of executing it.

Thanks,

John
  ----- Original Message ----- 
  From: Sander Holthaus - Orange XL 
  To: users@httpd.apache.org 
  Sent: Monday, December 02, 2002 11:33 AM
  Subject: Re: [users@httpd] Remote User Variable


  The problem lies in the second script. Your REMOTE_USER-variable is ONLY passed on to resoures
in or below /local/web/htdocs/coa/secure/shell. This is logical, because that is where you
said Authenticiation was required. The REMOTE_USER variable will only be availble if a client
needed to authorize itself.
  An other problem could be how the script was called. Is it called by Apache or another script?

  Kind Regards,
  Sander Holthaus 
    ----- Original Message ----- 
    From: John Elser 
    To: users@httpd.apache.org 
    Sent: Monday, December 02, 2002 6:11 PM
    Subject: Re: [users@httpd] Remote User Variable


    Thanks for the reply!  I really appreciated it.
     
    The way it is working now is that the login/password box comes up when the user accesses
a script that is in /local/web/htdocs/coa/secure/shell.  That part is working fine.  But,
I have another script that eventually gets called that needs to check to see who this user
is.  This script is not in the same directory.  For some reason, the REMOTE USER variable
isn't being passed or isn't being set.

    For what I'm doing, Basic is enough security...that is, if I can tell who a particular
user is.

    Any suggestions on what could be the problem?
     
    Thanks again,

    John
      ----- Original Message ----- 
      From: Sander Holthaus - Orange XL 
      To: users@httpd.apache.org 
      Sent: Monday, December 02, 2002 11:11 AM
      Subject: Re: [users@httpd] Remote User Variable


      Where is that script located? It it under the directory /local/web/htdocs/coa/secure/shell?
       
      Also, using AuthType Basic is in no way secure. Looked at AuthType Digest yet?
       
      Kind regards,
      Sander Holthaus
        ----- Original Message ----- 
        From: John Elser 
        To: users@httpd.apache.org 
        Sent: Monday, December 02, 2002 4:12 PM
        Subject: [users@httpd] Remote User Variable


        I want to pass the user's login to my script.  My httpd.conf file has this:
        <Directory "/local/web/htdocs/coa/secure/shell">
        AuthType Basic
        AuthName "By Invitation Only"
        AuthUserFile /usr/local/apache/bin/apachepw
        Require user jde hml skt
        </Directory>

        I get prompted for a login and password and I'm able to login in.   I then have another
script that checks for the user name.  

        My script contains this code (the script then goes into a series of if statements):
        $uname = $ENV{'REMOTE_USER'};

        But $uname is not being set to the user's login.  

        When I installed apache, I simply downloaded the binary version of it and did a pkgadd
on my solaris 8 system.  Do I need to add an apache module and compile apache before I can
determine who gets prompted for a login and password? Or am I missing something else?

        Thanks,
        John

         

Mime
View raw message