CGI and REMOTE_USER

Markus Stumpf <stumpf@informatik.tu-muenchen.de>

Mail folder: WWW Talk Jan 94-present
Next message: Vinay Kumar: "Re: sd access through a WWW server"
Previous message: William C Fenner: "First shot at sd via WWW"
Reply: George Phillips: "Re: CGI and REMOTE_USER"
Reply: Rob McCool: "Re: CGI and REMOTE_USER"
Reply: Rob McCool: "Re: CGI and REMOTE_USER"

Subject: CGI and REMOTE_USER
From: Markus Stumpf <stumpf@informatik.tu-muenchen.de>
To: www-talk@www0.cern.ch
Date: 	Tue, 18 Jan 1994 22:34:22 +0100
X-Mailer: ELM [version 2.4 PL6]
Content-Type: text
Content-Length: 1164      
Message-id: <94Jan18.223435mesz.311353@hprbg5.informatik.tu-muenchen.de>

Hello!

I have hacked rfc931 identification into the NCSA httpd-1.0 code.
No big deal :) I've used the rfc931.c from tcp-wrappers package and added
one line to httpd.c.

For those unfamiliar with rfc931: this makes a connection back to
the client host and tries to contact an indent daemon which provides
the username of the user owning the client socket.
We want to use this feature to gain more information on (mostly local)
users using scripts (for sending mail to webmaster, etc.).

I'd like to provide this information within the CGI scripts, but it looks
like REMOTE_USER is the wrong variable. To be true, I think REMOTE_USER
would be the correct one but the current name for what it is used for
is misleading and should be changed to AUTH_USER  :)
As like I read the spec the real user on the client side and the user
that should be authenticated mustn't necessarily be the same, right?

Any ideas, comment?

	\Maex
-- 
______________________________________________________________________________
 Markus Stumpf                        Markus.Stumpf@Informatik.TU-Muenchen.DE 
                                http://www.informatik.tu-muenchen.de/~stumpf/