>>>Cezar Totth said:
> This message is about two additions we will be glad if you'll include in
> future tclhttpd.
>
> 1. Authentication in Direct_Url handler
> 2. A (little) more sophisticated password checking, specially usefull in
> intranets.
TclHttpd 3.0 has a "Url_AccessHook" mechanism that provides what you need.
Instead of modifying the direct.tcl module as you have done, just apply
a general access hook to whatever part of the URL tree you want.
An easy way to do that is to create a shadow file-system that
corresponds to your application-direct URLs (e.g., /debug) that
contain either .tclaccess or .htaccess files.
> We use tclhttpd here at Genesys to run internally some reports over
> ODBC (using tclhttpd+tclodbc on either Linux or Windows), against our
> general accounting database.
>
> 1. We found that the authentication is used only for normal documents -
> only doc.tcl handlers perform authentication.
>
> This situation is unhappy because one might like to protect also
> applications published through Direct_Url virtual paths, not only
> "touchable" files.
>
> Here is attached a modified direct.url (tclhttpd3.0.0) wich now uses auth
> module.
>
> However there should be a more general authentication, to be
> equally applied to any virtual path no matter what
> handler matches for each individual http request -
> our direct.tcl hack isnt good for CGI or other handlers.
>
> 2. Also we want to delegate verification for user passwords against
> another existing authentication system in localnet - e.g. internal mail
> server that users are using frequently, making it easy:
> - for users to remember passwords - they already use them elsewhere.
> - for administrators - they dont need to replicate or to maintain
> another password table.
>
> The attached passcheck.tcl provides such a generic package, including
> password verifiers for pop3 and odbc databases.
Cool - I can easily drop your passcheck.tcl file into the sources.
-- Brent Welch <[EMAIL PROTECTED]>
http://www.ajubasolutions.com
Scriptics changes to Ajuba Solutions
scriptics.com => ajubasolutions.com
