|
Larry, I believe the HTTP server instance does not allow both protection of both user ids and validation lists in the same instance. I have been playing with this for a while and have not been able to get it to work. Even Brad couldn't give much insite. You can look at the code on our box for instance TEST and see what I have done. In one tact it doesn't make sense. You would like trusted users to get to very secure areas and less than trusted, only access to other areas. I don't understand the logic behind it. On another tact, it just may be easier to code for IBM, which I have been guilty of from time to time. It would be nice to know if other HTTP servers (Apache, IIS) allow this. Jay Peasley Arbor Solutions, Inc ----- Original Message ----- From: "Larry Bolhuis" <lbolhuis@arbsol.com> To: "Midrange Systems Mailing List" <MIDRANGE-L@midrange.com> Sent: Thursday, January 18, 2001 11:48 AM Subject: Protection in an HTTP Proxy instance > All the distinguished minds hereby present: > > I have set up an instance of the HTTP server as a caching proxy. I have > successfully configured it to only allow access to the internet for > users with an AS/400 userid and profile with basic authentication and > the "protect http:* SECUREPROXY" directive. (SECUREPROXY being the name > assigned to the protection setup) So far so good. > > The requirement now is to allow certain specific web sites to NOT > require authentication. I have successfully gotten "protect > http://www.ibm* NOTSECURE" to correctly use this protection setup for > all ibm.com web sites. What I CANNOT do is stop if from prompting for a > userid and password. What must I do to the protection setup (listed > below) so that it does NOT prompt the user?? > > 00030 Protection NOTSECURE { > 00040 PasswdFile %%SYSTEM%% > 00050 DeleteMask All@(*) > 00060 PostMask All@(*) > 00070 PutMask All@(*) > 00080 GetMask All@(*) > 00090 AuthType Basic > 00100 ServerID NOTSECURE > 00110 UserID QUSER > 00120 } > <snip> > 00220 protect ftp:* SECUREPROXY > 00230 protect http:* > SECUREPROXY > 00240 protect http://www.ibm* NOTSECURE > 00250 proxy ftp:* > 00260 proxy http:* > <snip> > > TIA - Larry > > > -- > Larry Bolhuis > Arbor Solutions, Inc. > (616) 451-2500 > (616) 451-2571 -fax > lbolhuis@arbsol.com > +--- > | This is the Midrange System Mailing List! > | To submit a new message, send your mail to MIDRANGE-L@midrange.com. > | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. > | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. > | Questions should be directed to the list owner/operator: david@midrange.com > +--- > > +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
