https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345449#M3140 I'm a dutch system manager trying to figure out how to verify access on certain directories on disks. I can verify the username through the openvmsmodule / apache combination but once I try to verify access on certain directories by means of the www_remote_user symbol I get failures. Can anyone tell me how I can get the www_* symbols into the process context.<BR />Please send response also to:<BR />kees.tok@mw-brabant.politie.nl Fri, 30 Jul 2004 04:44:04 GMT Marco van der Sijpt 2004-07-30T04:44:04Z https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345449#M3140 I'm a dutch system manager trying to figure out how to verify access on certain directories on disks. I can verify the username through the openvmsmodule / apache combination but once I try to verify access on certain directories by means of the www_remote_user symbol I get failures. Can anyone tell me how I can get the www_* symbols into the process context.<BR />Please send response also to:<BR />kees.tok@mw-brabant.politie.nl Fri, 30 Jul 2004 04:44:04 GMT https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345449#M3140 Marco van der Sijpt 2004-07-30T04:44:04Z https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345450#M3141 AFAIK, the www_ prefix is not used with Apache. Try REMOTE_USER instead.<BR /><BR />cu,<BR /> Martin<BR /> Fri, 30 Jul 2004 08:53:50 GMT https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345450#M3141 Martin Vorlaender 2004-07-30T08:53:50Z https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345451#M3142 Hi Marco,<BR /><BR />have a look at the<BR /><BR />[.APACHE.CGI-BIN]TEST-CGI-VMS.COM that comes with the distribution. This will show most of the variables set by Apache (REMOTE_USER is not in there since it is only set if you have an authenticated user I assume). Especially note that environment settings are not prefixed with <BR />WWW_* like they are e.g. for the OSU server.<BR /><BR />Greetings, Martin Sat, 31 Jul 2004 19:16:00 GMT https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345451#M3142 Martin P.J. Zinser 2004-07-31T19:16:00Z https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345452#M3143 Marco - you will need something like this in you HTTPD.CONF file :-<BR /><BR /><DIRECTORY><BR /> Options -Indexes Includes FollowSymLinks Multiviews<BR /> AllowOverride None<BR /> AuthType Basic<BR /> AuthName "WebReport Logon"<BR /> AuthOpenVMSGroup Off<BR /> AuthOpenVMSAuthoritative On<BR /> AuthUserOpenVMS On<BR /> require valid-user<BR /> Order deny,allow<BR /> Deny from all<BR /> Allow from all<BR /></DIRECTORY><BR /><BR />You mau also need to load it as a module :-<BR /><BR />LoadModule auth_openvms_module /apache$common/modules/mod_auth_openvms.exe_alpha<BR /><BR /><BR />While I'm at it, you can also do a neet trick of authenticating against UAF and a file :-<BR /><BR /><DIRECTORY><BR /> Options -Indexes Includes FollowSymLinks Multiviews<BR /> AllowOverride None<BR /> AuthType Basic<BR /> AuthName "Web-CMS Logon"<BR /> AuthOpenVMSAuthoritative On<BR /> AuthOpenVMSGroup off<BR /> AuthGroupFile /cms$data/cms_group.prot<BR /> AuthOpenVMSUser On<BR /> require group cmsusers<BR /> Order deny,allow<BR /> Deny from all<BR /> Allow from all<BR /></DIRECTORY><BR /><BR />You then simply create a file, in this case cms$data:cms_group.prot and place the usernames in against the group:-<BR /><BR />cmsusers: MFM mfm NZC nzc DZL dzl DHU dhu CML cml<BR /><BR />The reason for upper and lowercase is that Apache is case-sensitive, so I capture both logins.<BR /><BR />Hope this helps, Rob.<BR /> Mon, 02 Aug 2004 03:48:12 GMT https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345452#M3143 Robert Atkinson 2004-08-02T03:48:12Z https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345453#M3144 Slightly midread your original request, although the answer I gave will give you directory level authentication.<BR /><BR />Here is some code I use for checking authentication for specific usernames, based on REMOTE_USER :-<BR /><BR /><BR />$ DCL "CHECK_PRIV.COM"<BR />$!<BR />$!------------------------------------------------------------------------------<BR />$! AUTHOR: Robert Atkinson - January 2003 <BR />$! VERSION: 3.0<BR />$!------------------------------------------------------------------------------<BR />$! DESCRIPTION: Module to check and return privilege levels for a specific user.<BR />$!------------------------------------------------------------------------------<BR />$! RUN FREQUENCY :<BR />$! PRERUN REQUISITES : <BR />$! RERUN PROCEDURE : <BR />$! SPECIAL NOTE : <BR />$! PARAMETERS : P1 = REQUIRED_LEVEL (USER/MANAGER)<BR />$! P2 = OVERRIDE - STOP ERROR MESSAGES BEING OUTPUT<BR />$!------------------------------------------------------------------------------<BR />$! AMENDMENT LOG:<BR />$! Date Oper Reason<BR />$!------------------------------------------------------------------------------<BR />$!<BR />$ SET ON<BR />$ ON ERROR THEN GOTO ERROR<BR />$ !<BR />$ REQUIRED_LEVEL = "''P1'"<BR />$ OVERRIDE = "''P2'"<BR />$ !<BR />$START:<BR />$ CMS$ACTION = "FALSE"<BR />$ !<BR />$ CMS$PRIV_MANAGER == "FALSE"<BR />$ CMS$PRIV_USER == "FALSE"<BR />$ !<BR />$VERIFY_PRIV:<BR />$ CMS$ACTION = "FALSE"<BR />$ !<BR />$ DEFINE SYS$OUTPUT SYS$TEMP:CMS_UAF_'PRCPID'.TMP<BR />$ UAF SH 'REMOTE_USER'<BR />$ DEASS SYS$OUTPUT<BR />$ !<BR />$CHECK_MANAGER:<BR />$ @OPS$COM_FILES:EXTRACT_REPORT_LINE SYS$TEMP:CMS_UAF_'PRCPID'.TMP " CMS_MANAGER " 0<BR />$ !<BR />$ IF EXTRACTED_LINE .EQS. "STRINGNOTFOUND"<BR />$ THEN<BR />$ IF REQUIRED_LEVEL .EQS. "MANAGER" THEN GOSUB DISPLAY_ERROR_MESSAGE<BR />$ ELSE<BR />$ CMS$PRIV_MANAGER == "TRUE"<BR />$ ENDIF<BR />$ !<BR />$CHECK_USER:<BR />$ @OPS$COM_FILES:EXTRACT_REPORT_LINE SYS$TEMP:CMS_UAF_'PRCPID'.TMP " CMS_USER " 0<BR />$ !<BR />$ IF EXTRACTED_LINE .EQS. "STRINGNOTFOUND"<BR />$ THEN<BR />$ IF REQUIRED_LEVEL .EQS. "USER" THEN GOSUB DISPLAY_ERROR_MESSAGE<BR />$ ELSE<BR />$ CMS$PRIV_USER == "TRUE"<BR />$ ENDIF<BR />$ !<BR />$ DEL /NOLOG SYS$TEMP:CMS_UAF_'PRCPID'.TMP;*<BR />$ !<BR />$ GOTO END<BR />$ !<BR /><BR /><BR /><BR />$DISPLAY_ERROR_MESSAGE:<BR />$ IF OVERRIDE .EQS. "OVERRIDE" THEN GOTO END_DISPLAY_ERROR_MESSAGE<BR />$ !<BR />$ @CMS$SYSTEM:SHOW_OWNER<BR />$ !<BR />$ WS "<TITLE>Web-CMS - Privilege Error</TITLE>"<BR />$ !<BR />$ WS "&lt;meta content="" 2="" /&gt;"<BR />$ WS ""<BR />$ WS ""<BR />$ WS "<BR /><BR /><BR /><BR />"<BR />$ WS "<P align="" center=""><B><FONT color="" red="">You do not have the required privilege to use this option!!!</FONT></B></P>"<BR />$ WS ""<BR />$ !<BR />$END_DISPLAY_ERROR_MESSAGE:<BR />$ RETURN<BR />$ GOTO ERROR<BR />$ !<BR /><BR /><BR /><BR /><BR /><BR />$END:<BR />$ EXIT %X00001<BR />$ !<BR />$ERROR:<BR />$ ERRORMOD CHECK_PRIV ERROR "CHECK_PRIV HAS BLOWN OUT - PLEASE INVESTIGATE"<BR />$ !<BR />$ DEASS SYS$OUTPUT<BR />$ !<BR />$ EXIT %X00004<BR />$ !<BR />$ !<BR />$ ! Mon, 02 Aug 2004 03:52:28 GMT https://community.hpe.com/t5/operating-system-openvms/apache-openvms-username-verification/m-p/3345453#M3144 Robert Atkinson 2004-08-02T03:52:28Z