At 09:05 22/09/00 +1100, Hugh Irvine wrote:
>Have a look at section 11.3 in the Radiator 2.16.3 reference manual.
I did, and after spending another half a day (thankfully for the company
that hired me, I'm not making lawyer wages :-), I'm at the point where I am
prompted for a login/passwd, but radacct.cgi still show All Users
statistics instead of only the user's. For security reason, we obviously
don't want users to have access to other users' statistics.
# 5. Configure your web server so that only your customers can run
# this script. You might want to use the Pam Radius module for
# Apache to authenticate them using radius.
=> The script sure runs. Should I pass the user's name as parameter, eg.
radius.acme.com/cgi-bin/radacct.cgi?username=fred1@isp1 ?
---------------------------------
For other Apache/CGI newbies, here's what you need to do to run radacct.cgi
securely:
1. Create a sub-directory /home/httpd/cgi-bin/radius/
2. Edit /etc/httpd/conf/httpd.conf, and add the following
<Directory "/home/httpd/cgi-bin/radius">
AddHandler cgi-script .cgi
AllowOverride All
#AllowOverride AuthConfig
Options ExecCGI
#Order allow,deny
#Allow from all
</Directory>
3. In /home/httpd/cgi-bin/radius/, you need the following files:
# ls
-rw-r--r-- 1 nobody nobody 140 sep 22 11:55 .htaccess
-rw-r--r-- 1 nobody nobody 25 sep 22 10:16 .htpasswd
-rwxr-xr-x 1 nobody nobody 19708 sep 22 10:19 radacct.cgi*
4. File .htaccess contains the following
AuthUserFile /home/httpd/cgi-bin/radius/.htpasswd
AuthGroupFile /dev/null
AuthName "Radiator Statistics"
AuthType Basic
require valid-user
5. To generate file .htpasswd, run htpasswd -c .htpasswd fred1@isp1, and
set a password when prompted for it.
6. If Perl doesn't live in /usr/local/bin/perl, change the shebbang file in
radacct.cgi (eg. /usr/bin/perl)
HTH
FF.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
