Access control and the CERN httpd
Date: Wed, 23 Mar 1994 16:23:30 --100
Message-id: <>
Precedence: bulk
To: Multiple recipients of list <>
Subject: Access control and the CERN httpd
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
Content-Length: 1302

A problem I have run into that some kind soul may be able to help me with:-

The CERN http (2.16) supports access control configurable by domain and/or 
user name and password.  If a domain mask is specified then there is no 
prompt for a passord - if a list of users is specified then a user name and 
password are required.  Taking an example from the CERN doc:

   authors: john, james
   cern_people: @128.141.*.*

the first line is user based access, the second domain mask based.

I would like to run CGI script which must for various reasons be run setuid - 
hence requiring the browser to provide an username and password.  However, 
the list of users that are to be permitted to use the script is vast.  To 
maintain a list of all of the valid users in the .group file is impractical.  
Much simpler would be in some way to specify all users from a particular domain.

_However_, there does not seem to be a valid way of doing this. Neither 
(*)@134.32.*.* or *@124.32.*.* seems to be valid group declaration.

So, the basic question is, (using the CERN httpd), how do you get the browser 
to supply a username and password without supplying a group definition which 
specifies user names?

Any suggestions?  With thanks,

Steve Heaney

Schlumberger Geco-Prakla