× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WEB400
  3. June 2006

Re: Handling 500-Internal Server error caused by lack ofauthority at the object level

The error messages are customizable and you could even write a Net.Data
macro or a CGI program that is called which could look at the URL and do
whatever you want (I did this on our B2B shopping site to get different
looking 401 and 403 error pages for each virtual directory). You're
basically restricted to the HTTP headers as far as information goes so
short of writing your own error handling module, you're not likely to
get enough info back to tell you it was an authority issue.

Matt

-----Original Message-----
From: web400-bounces+matt.haas=thomson.com@xxxxxxxxxxxx
[mailto:web400-bounces+matt.haas=thomson.com@xxxxxxxxxxxx] On Behalf Of
Wilt, Charles
Sent: Friday, June 16, 2006 1:28 PM
To: Web Enabling the AS400 / iSeries
Subject: [WEB400] Handling 500-Internal Server error caused by lack
ofauthority at the object level

I'm wondering if there's any way to provide a more specific error
message when the call to an RPG CGI program fails due to a lack of
authority to the CGI program.

This is the setup I have now:

I've got some CGI program set up with *PUBLIC *USE, others are set up
*PUBLIC *EXCLUDE.

My Apache configuration file includes the following lines:
           ScriptAliasMatch /melcgip/public(.*).pgm
/qsys.lib/melcgi.lib/$1.pgm
           ScriptAliasMatch /melcgip/protected(.*).pgm
/qsys.lib/melcgi.lib/$1.pgm
           <Location /melcgip/protected>
                AuthName "Protected - iSeries Username required"
                AuthType Basic
                PasswdFile %%SYSTEM%%
                UserID %%CLIENT%%
                Require valid-user
           </Location>
           <Directory /QSYS.LIB/MELCGI.LIB>
                Options None
                order allow,deny
                allow from all
           </Directory>
  
This works the way I want it to.  
--CGI programs accessed via the /melcgip/public/ path don't ask for an
iSeries username and password.  
--CGI programs accessed via the /melcgip/protected/ path do ask for an
iSeries username and password.


If I have a CGI program with *PUBLIC *EXCLUDE named myprog.pgm to which
the QTMHHTP1 and QTMHHTTP profile's don't have authority to either and a
user accidentally types in //my400/melcgip/public/myprog.pgm the see the
rather unhelpful error message:
500 Internal Server Error
Cannot read script output pipe.

Is there anyway to provide a better error message or even better
automatically redirect the correct path of
//my400/melcgip/protected/myprog.pgm?


I suppose I could always split the CGI programs into two separate
libraries, but I'd rather not.  

I suppose I could use have to separate IFS directories with symbolic
links to the actual programs, but that would be more work.

Does anybody out there have any other solutions?


Thanks,

Charles Wilt
--
iSeries Systems Administrator / Developer
Mitsubishi Electric Automotive America
ph: 513-573-4343
fax: 513-398-1121

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.