getting users login name after login from server

getting users login name after login from server

Post by Mark Worsdal » Sat, 11 Dec 1999 04:00:00



Hi,

I have got authuser working as in people are asked to supply a valid
userID and password (direved hourly from the main passwd file by a perl
script run from cron as root.

But the perl program called by the browser needs to get the users ID
(The one who just logged on) and for some reason our ENV is never set
with the users ID, although the browser knows it is still a valid user.

Next is there a common cgi program that can be called when the user
clicks a logoff link in an html page to clear out the usersID and
password, so if they went back into the secure area they would be asked
to Authenticate themselves once more? Apart from closing the browser
down.

I would guess it would be SetEnv instruction, where does this go
srm.conf or access.conf?

M
--
Mark Worsdall - Oh no, I've run out of underpants :(



Web site Monitoring:-             http://www.shadow.org.uk/SiteSight/

 
 
 

getting users login name after login from server

Post by Bill Mosele » Sat, 11 Dec 1999 04:00:00



Quote:> Next is there a common cgi program that can be called when the user
> clicks a logoff link in an html page to clear out the usersID and
> password, so if they went back into the secure area they would be asked
> to Authenticate themselves once more? Apart from closing the browser
> down.

Search deja.com for an article today about this
(comp.infosystems.www.authoring.cgi).  It's also in Nick's FAQ at
http://www.htmlhelp.org/faq/cgifaq.html

Quote:> I would guess it would be SetEnv instruction, where does this go
> srm.conf or access.conf?

No it's not a matter of setting an Environment variable on the server.  
You have to trick the browser into forgetting.  And it's completely
browser dependent.  You don't have control over the browser part of the
connection so it may or may not work.

--


 
 
 

getting users login name after login from server

Post by David Efflan » Tue, 14 Dec 1999 04:00:00


On Fri, 10 Dec 1999 22:30:36 +0000, Mark Worsdall


>I have got authuser working as in people are asked to supply a valid
>userID and password (direved hourly from the main passwd file by a perl
>script run from cron as root.

>But the perl program called by the browser needs to get the users ID
>(The one who just logged on) and for some reason our ENV is never set
>with the users ID, although the browser knows it is still a valid user.

If the CGI script is within the authenticated area, it will be in
REMOTE_USER.  If the CGI is outside the password protected area, there is
no authentication and therefore no REMOTE_USER.

I have seen logoff buttons, but not sure if it does something on the
server end or with a cookie.

--

http://www.de-srv.com/  http://cgi-help.virtualave.net/
http://thunder.prohosting.com/~cv-elgin/

 
 
 

getting users login name after login from server

Post by Mark Worsdal » Tue, 14 Dec 1999 04:00:00




>On Fri, 10 Dec 1999 22:30:36 +0000, Mark Worsdall

>>I have got authuser working as in people are asked to supply a valid
>>userID and password (direved hourly from the main passwd file by a perl
>>script run from cron as root.

>>But the perl program called by the browser needs to get the users ID
>>(The one who just logged on) and for some reason our ENV is never set
>>with the users ID, although the browser knows it is still a valid user.

>If the CGI script is within the authenticated area, it will be in
>REMOTE_USER.  If the CGI is outside the password protected area, there is
>no authentication and therefore no REMOTE_USER.

Do you mean the cgi-bin path must be within the directory path of the
authenticated user?

--
Mark Worsdall - Oh no, I've run out of underpants :(



Web site Monitoring:-             http://www.shadow.org.uk/SiteSight/

 
 
 

1. Login without login getting recorded into last login file

Is there anyway to login to an account 'as a normal user' without your
login getting recorded into the last login file.

I know that this is a binary file and no one could re-write it. Moreover,
I know that .hushlogin file could also be created in /etc and that would
tell the system not to record the current login, but you would have to be
GOD (root) to be able to create that file in /etc

So, I would appreciate any assistance that anyone could offer on this
matter.

********************************************************************
********************************************************************
**     WILLIAM GHORISHI                                           **
**     DEPARTMENT OF COMPUTER SCIENCE, UNIVERSITY OF TORONTO      **

**     URL          :   http://www.scar.utoronto.ca/~93ghoris/    **
**     BELIEF       :   "GOD IS REAL, UNLESS CAST TO AN INTEGER!" **
********************************************************************
********************************************************************

2. ANN: HawkNL 1.41 update

3. problem: Login after AIX 5L install: login prompt reappears after entering user name

4. need a fax (linux or X)

5. Unix server getting Novell login name for SQL check

6. raw over raid5: BUG at drivers/block/ll_rw_blk.c:1967

7. Unix server getting Novell login names for SQL useage

8. Term partially works, help

9. Getting login names from server

10. Getting login script to map win95 shares with samba "domain" logins

11. how does /usr/bin/login get the login name?

12. Can't login with nis login name

13. After entering login name, prompt returns to login