Access control and the CERN httpd
heaney@gatwick.sgp.slb.com
Errors-To: listmaster@www0.cern.ch
Date: Wed, 23 Mar 1994 16:23:30 --100
Message-id: <9403231517.AA18177@mordred.gatwick.sgp.slb.com>
Errors-To: listmaster@www0.cern.ch
Reply-To: heaney@gatwick.sgp.slb.com
Originator: www-talk@info.cern.ch
Sender: www-talk@www0.cern.ch
Precedence: bulk
From: heaney@gatwick.sgp.slb.com
To: Multiple recipients of list <www-talk@www0.cern.ch>
Subject: Access control and the CERN httpd
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
Content-Length: 1302
A problem I have run into that some kind soul may be able to help me with:-
The CERN http (2.16) supports access control configurable by domain and/or
user name and password. If a domain mask is specified then there is no
prompt for a passord - if a list of users is specified then a user name and
password are required. Taking an example from the CERN doc:
authors: john, james
cern_people: @128.141.*.*
the first line is user based access, the second domain mask based.
I would like to run CGI script which must for various reasons be run setuid -
hence requiring the browser to provide an username and password. However,
the list of users that are to be permitted to use the script is vast. To
maintain a list of all of the valid users in the .group file is impractical.
Much simpler would be in some way to specify all users from a particular domain.
_However_, there does not seem to be a valid way of doing this. Neither
(*)@134.32.*.* or *@124.32.*.* seems to be valid group declaration.
So, the basic question is, (using the CERN httpd), how do you get the browser
to supply a username and password without supplying a group definition which
specifies user names?
Any suggestions? With thanks,
Steve Heaney
Schlumberger Geco-Prakla
heaney@gatwick.sgp.slb.com