Hi,

I never took care of authorization till now. I investigated it a rather
long time ago, but I am still missing some understanding.

What I know I wrote down in a file (refer to attachment).

The most crucial step I am missing is how to create an authorization
for a single user.


The contents of my .htaccess file are:


AuthUserFile /usr/local/www/access/passwd
AuthGroupFile /usr/local/www/access/group
AuthName  Petrus
AuthType Basic

<Limit GET POST>
require user piet
</Limit>

What do I have to do, based on the following facts:

realm: Petrus
group: web
user: piet
password: vloet

Do I also have to insert

require group web ??

And what does the entry in /usr/local/access/passwd look like?

e.g.:

tclsh
package require crypt
1.1
crypt vloet <???>

returns e.g.: abc

So passwd looks like:

12:piet:abc:... ????

Should/must the group file look like:
3434:web:piet,......


I worked on auth.tcl to support
multiple entries like:

require user piet
require user piet2

require group group1
require group group2

I coded on NT and never completed the port to Solaris. Now I want to
finish it.

Thanks,

Piet

--

#-------With best regards,    Mit freundlichen Gruessen,    Met vriendelijke groet,------
# Piet Vloet
# Siemens AG Austria
# Boschstrasse 10       Phone : +43-51707-42906
# A-1190 Vienna         Fax   : +43-51707-52606
# mailto:[EMAIL PROTECTED]                WWW:http://www.siemens.at



The tclhttpd webserver protects URLs with its auth package.

How is the authorization mechanism implemented?

A file called .htaccess or .tclaccess is placed in the directory.


These files contain a set of keywords and 

Each line contains a keyword with one or more arguments.
Comment lines (a line starting with an asterisk (#)) and "empty" lines are
also allowed.

The Keywords are case insensitive.

password file in unix format   id:user-id:password
groups file in unix format     id:group-id:{user},*

.htaccess
AuthType             <type>
                type  ::  Basic|TCL
AuthName             <name>
                name  ::  <ASCII>
           Displayed in Popup-Menu.
AuthUserFile        <filename>
AuthGroupFile        <filename>

Limit / <LIMIT       <op>     
                op    ::  "GET | POST"

/Limit / /Limit

The following keywords must be enclosed by the keywords <Limit <args> > and </Limit>!

## ACTIVATE USER and/or GROUP protection
Require              <key value>
                key   ::  "user | group"
                value ::  "USERNAME | GROUPNAME"

As soon as more than one person is allowed to access a URL, a group has to be
created.

Not allowed is:
require user ME
require user YOU

or
require user ME YOU


NOT NICE !!
IF PEOPLE LIKE TO REMEMBER A LOT OF PASSWORDS !!

## NETWORK BASED PROTECTION
In the case "allow" and/or "deny" is specified, order must be specified too!!
(2.3.6)
Order                <value>
                value ::  "allow | deny"

Deny                 <args>
                args  ::  "[from] {fully qualified network}* | all"

Allow                <args>
                args  ::  "[from] {fully qualified network}* | all"

e.g.:

Only the users from the domain hacker.com must be denied:
allow all
deny hacker.com
order allow deny

Only the users of friends.org have unlimited access:
allow friends.org
deny from all
order deny allow
