EIM and kerberos authentication in http -- WEB400

× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.

I need to know the username of remote users who accesses to the webserver via browser

I configured EIM on MYAS400 and the entries listed below are in keytab

krbsvr400/MYAS400@xxxxxxxxxx
HTTP/MYAS400@xxxxxxxxxx
HOST/MYAS400@xxxxxxxxxx
cifs/MYAS400@xxxxxxxxxx
krbsvr400/MYAS400.societa.it@xxxxxxxxxx
HTTP/MYAS400.SOCIETA.IT@xxxxxxxxxx
HOST/MYAS400.societa.it@xxxxxxxxxx
cifs/MYAS400.societa.it@xxxxxxxxxx

I have configured a webserver in /QOpenSys
/QOpenSys/test
and in /QOpenSys/test/appl/bin I put a script testcgi.sh to run

Script testcgi.sh:

#!/QOpenSys/usr/bin/sh
echo "Content-type: text/plain\n\n<HTML>\n"
echo "---- test environment variable REMOTE_USER ----"
echo REMOTE_USER=[$REMOTE_USER] "\n"

I entered in httpd.conf the entries for kerberos authentication

<Directory /QOpenSys/test/appl/bin>
   order allow,deny
   allow from all
   AuthType Kerberos
   PasswdFile %%KERBEROS%%
   UserID %%CLIENT%%
   Require valid-user
</Directory>
ScriptAlias /testcgi/         /QOpenSys/test/appl/bin/

when I run the script      http://MYAS400/testcgi/testcgi.sh
I get the error 403

removing the entrances for KERBEROS authentication the script works correctly but REMOTE_USER variable is not set

can anyone help my ?
thanks

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.