httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Kenna" <andr...@stamina.com.au>
Subject RE: [users@httpd] Remote User Variable
Date Tue, 03 Dec 2002 21:54:06 GMT
Yep, you need to set the permissions on the cgi script in each directory
you move it to. Also you will need to set ExecCgi on the directory the
cgi script lives in
 
Andrew
 

	-----Original Message-----
	From: John Elser [mailto:jElser@ck8.uscourts.gov] 
	Sent: Wednesday, 4 December 2002 4:41 AM
	To: users@httpd.apache.org
	Subject: Re: [users@httpd] Remote User Variable
	
	
	My secured area is set up as /local/web/htdocs/coa/secure/shell.
This script then calls a script that is in /cgi-bin.  But, from what you
are telling me, the REMOTE USER variable will not get passed to the
script in /cgi-bin.  When I move my other script out of the /cgi-bin
directory and put it under the /local/web/htdocs/coa/secure/shell
directory, it doesn't execute.  I merely displays the script instead of
executing it.
	 
	Thanks,
	 
	John

		----- Original Message ----- 
		From: Sander Holthaus - Orange XL
<mailto:info@orangexl.com>  
		To: users@httpd.apache.org 
		Sent: Monday, December 02, 2002 11:33 AM
		Subject: Re: [users@httpd] Remote User Variable

		The problem lies in the second script. Your
REMOTE_USER-variable is ONLY passed on to resoures in or below
/local/web/htdocs/coa/secure/shell. This is logical, because that is
where you said Authenticiation was required. The REMOTE_USER variable
will only be availble if a client needed to authorize itself.
		An other problem could be how the script was called. Is
it called by Apache or another script?
		 
		Kind Regards,
		Sander Holthaus 

			----- Original Message ----- 
			From: John Elser
<mailto:jElser@ck8.uscourts.gov>  
			To: users@httpd.apache.org 
			Sent: Monday, December 02, 2002 6:11 PM
			Subject: Re: [users@httpd] Remote User Variable

			Thanks for the reply!  I really appreciated it.
			 
			The way it is working now is that the
login/password box comes up when the user accesses a script that is in
/local/web/htdocs/coa/secure/shell.  That part is working fine.  But, I
have another script that eventually gets called that needs to check to
see who this user is.  This script is not in the same directory.  For
some reason, the REMOTE USER variable isn't being passed or isn't being
set.
			 
			For what I'm doing, Basic is enough
security...that is, if I can tell who a particular user is.
			 
			Any suggestions on what could be the problem?
			 
			Thanks again,
			 
			John

				----- Original Message ----- 
				From: Sander Holthaus - Orange XL
<mailto:info@orangexl.com>  
				To: users@httpd.apache.org 
				Sent: Monday, December 02, 2002 11:11 AM
				Subject: Re: [users@httpd] Remote User
Variable

				Where is that script located? It it
under the directory /local/web/htdocs/coa/secure/shell?
				 
				Also, using AuthType Basic is in no way
secure. Looked at AuthType Digest yet?
				 
				Kind regards,
				Sander Holthaus

				----- Original Message ----- 
				From: John Elser
<mailto:jElser@ck8.uscourts.gov>  
				To: users@httpd.apache.org 
				Sent: Monday, December 02, 2002 4:12 PM
				Subject: [users@httpd] Remote User
Variable
				
				
				I want to pass the user's login to my
script.  My httpd.conf file has this:
				<Directory
"/local/web/htdocs/coa/secure/shell">
				AuthType Basic
				AuthName "By Invitation Only"
				AuthUserFile
/usr/local/apache/bin/apachepw
				Require user jde hml skt
				</Directory>
				 
				I get prompted for a login and password
and I'm able to login in.   I then have another script that checks for
the user name.  
				 
				My script contains this code (the script
then goes into a series of if statements):
				$uname = $ENV{'REMOTE_USER'};
				 
				But $uname is not being set to the
user's login.  
				 
				When I installed apache, I simply
downloaded the binary version of it and did a pkgadd on my solaris 8
system.  Do I need to add an apache module and compile apache before I
can determine who gets prompted for a login and password? Or am I
missing something else?
				 
				Thanks,
				John
				
				 


Mime
View raw message