This seems to have worked nicely. Between ns_respond, ns_return 403,
and ns_requestauthorize, I've got everything working exactly the
way I wanted.
Although, it would be cool if nsperm didn't use JunctionFind and
instead allowed you to use wildmat matching (globbing). Although,
I wonder what kind of big performance hit that would be ...
- Dossy
On 2001.04.18, Dossy <[EMAIL PROTECTED]> wrote:
> Is there anything in the AOLserver API that lets you get users
> in a group defined in nsperm?
>
> Imagine I've created a group "editors" that contains a couple of
> users. I want to register a preauth filter that matches a URLpattern
> like "/*@" such that any URL ending with "@" matches the filter.
> The filter will want to ensure that the person accessing the URL
> is supplying the appropriate HTTP authentication for a username
> in the "editors" group as defined in nsperm.
>
> All I've found so far is ns_checkurl, ns_passwordcheck, ns_perm,
> ns_permpasswd, and ns_requestauthorize. ns_checkurl and
> ns_requestauthorize appear to be identical.
>
> What I've considered doing (let me know if this sounds like a
> bad idea):
>
> Create a "dummy" URL in nsperm/perms allowgroup for the "editors" group:
>
> allowgroup noinherit GET /some/dummy/url editors
>
> Then, in my preauth filter, do:
>
> ns_requestauthorize GET /some/dummy/url \
> [ns_conn authuser] [ns_conn authpassword]
>
> Of course, ns_requestauthorize doesn't return UNAUTHORIZED, so I'd
> have to check to see if [ns_conn authuser] and [ns_conn authpassword]
> were both empty strings and ns_returnunauthorized myself before
> trying ns_requestauthorize ...
>
> Let me know if anyone can see a better way of doing this. Otherwise,
> that's where I'm headed.
>
> - Dossy
>
> --
> Dossy Shiobara mail: [EMAIL PROTECTED]
> Panoptic Computer Network web: http://www.panoptic.com/
--
Dossy Shiobara mail: [EMAIL PROTECTED]
Panoptic Computer Network web: http://www.panoptic.com/
