On 07/10/2010 12:52 AM, Kyle Kienapfel wrote:
> On Fri, Jul 9, 2010 at 9:19 PM, Eric G. Wolfe<eric.wo...@marshall.edu> wrote:
>
>> I was looking at the proof-of-concept per-user menus, here:
>> http://etherboot.org/wiki/appnotes/authmenus and had a couple questions.
>>
>> I assume the gPXE login command is implemented in C code, as opposed to
>> using external Apache basic auth modules, is that a correct assumption?
>> Could Apache auth module support be implemented?
>>
> It looks like the login command sets two variables.
>
So I can just pass those same escaped variables to a Perl script, and it
basically works the same with any server-side scripting?
>> If I understand correctly the process would be something along the lines of:
>> A gPXE login cmd is first called which then chainloads to a user/pass
>> encoded URI -> this could get passed to a mod_auth_kerb protected
>> script, which then looks up AD group membership and generates a dynamic
>> pxelinux menu based on that group membership.
>>
>> In other words, as I understand it, the first gPXE script cannot
>> generate a login UI for any given Apache Basic Auth module. Because
>> gPXE, uses its own C code to "draw" a login UI for authentication, is
>> that correct? I'm not that familiar with PHP to grasp whether
>> ${password:uristring} that is a built-in PHP thing, a global variable,
>> or something that the gPXE login command exports for use by any
>> server-side scripting language.
>>
>>
> I thought https://user:passw...@somewhere/ was "basic auth"
>
I guess my confusion originated from the example pointing at the initial
gPXE script, instead of directly at a "basic auth" protected directory.
But this makes more sense now, because it isn't like you can pop-up a
login dialog in gPXE like you would with a browser.
_______________________________________________
gPXE mailing list
gPXE@etherboot.org
http://etherboot.org/mailman/listinfo/gpxe
