× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WEB400
  3. January 2009

Re: Using UserID and Pawword with HTTP server (V5R1 original)

Dear Simon

Thank you so very much for taking the time to send such a long reply. I had
tried so many different configurations over the last few days without
success. Now, thanks to you, I can log on. Even then, I ran immediately
into ACL problems and it tool me a while to overcome them but evenutally I
did.

Matt had earlier posted an almost correct solution.

I can now move forward - until the next stumbling block.

Its easy when you know how and now I do.

Many thanks for your kindness.

Best wishes

Rob

2009/1/26 Simon Coulter <shc@xxxxxxxxxxxxxxxxx>


On 26/01/2009, at 8:41 PM, Rob Dixon wrote:

I didn't copy line 1140 correctly. It should have read

01140 Exec /cgi-bin/stipple
/QSYS.LIB/E290PRDOBJ.LIB/e290G00000.PGM

I thought part of it was missing but it's not material to the problem
at hand.


Clearly you are quite correct, but I had tried

01080 Protect /QSYS.LIB/E290PRDOBJ.LIB/e290G00000.PGM
TestProt

earlier, but with the same result.

Well that's not going to work!

I thought I had clearly pointed out the error but I see I'll have to
TELL you the answer rather than let you work out the solution.

Protection is failing for you because:
1) in the above example you are applying protection to the program
path
2) in the previous example you are applying protection to a
different request

Protect:
Use this directive to activate protection setup rules for requests
that match a template.

Operative word is "requests"

Syntax:
Protect request-template [[label] [FOR IP-address-template]]

Note "request-template"

Exec:
Use this directive to specify a template for requests you want to
accept and respond to by running a CGI program.

Operative word is "requests"

Syntax:
Exec request-template [program-path [IP-address-template]]
[CGIConvMode [CgiThreadedMode]]

Note "request-template" vs. "program-path"

Thus it should be apparent that "request" is what the client sends
you therefore you need to apply your protection to THAT request.

Page 152 in the IBM HTTP Server (original) for iSeries Webmaster's
Guide V5R2 under "Step 1. Activating protection" clearly shows you
must protect requests.

Once the user has authenticated and is allowed to run the request the
web-server will perform any PASS, MAP, or EXEC directives.

Thus your protect statement must be:
Protect /cgi-bin/stipple TestProt

Regards,
Simon Coulter.
--------------------------------------------------------------------
FlyByNight Software OS/400, i5/OS Technical Specialists

http://www.flybynight.com.au/
Phone: +61 2 6657 8251 Mobile: +61 0411 091 400 /"\
Fax: +61 2 6657 8251 \ /
X
ASCII Ribbon campaign against HTML E-Mail / \
--------------------------------------------------------------------



--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.





As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.