× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



That looks okay but are you sure the program is actually being protected? For example, can you see the user name in the access log?

Matt

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Raul A. Jager W.
Sent: Monday, August 11, 2008 11:17 AM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] User profile in secure pages (https)

I have v5r3, and the Apache conf for the ssl page looks like:

<Directory /QSYS.LIB/AVI.LIB>
Order Allow,Deny
Allow From all
Require valid-user
PasswdFile %%SYSTEM%%
AuthType Basic
AuthName "ABC Color"
SSLRequireSSL
SetEnv HTTPS_PORT 443
</Directory>


Haas, Matt (CL Tech Sv) wrote:

That is not normal. The environment variable REMOTE_USER normally contains the user name that is provided during basic authentication (or nothing if its not password protected). It would help to see your web server configuration.

Matt

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Raul A. Jager W.
Sent: Monday, August 11, 2008 11:04 AM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] User profile in secure pages (https)

I have already tryed REMOTE_USER, it also brings QTMHHTP1

David Gibbs wrote:



Raul A. Jager W. wrote:




I got a certificate and set up a secure page in the iSeries, it works
very well. But I just noticed that the pages that require authentication
do not pass the user profile to the program, they just pass QTMHHTP1
The same program in a non-secure library receives the user profile by
creating a field with INZ(*USER) or in the program status DS.




If you're using basic authentication, I think you need to get the user profile from the REMOTE_USER environment variable.

It's been a while since I worked on a RPG web app ... but I'm pretty sure the web server always runs under the same user profile.

david





--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.




--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.