https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167426#M41999 Willem,<BR /><BR />The right syntax for defining username and password in URL is:<BR /><BR />http://username:password@hostname:port/<BR /><BR />See specification at page 17 of the RFC.<BR /><BR /><A href="http://www.ietf.org/rfc/rfc1738.txt" target="_blank">http://www.ietf.org/rfc/rfc1738.txt</A><BR /><BR />Bojan Thu, 02 Apr 2009 05:35:05 GMT Bojan Nemec 2009-04-02T05:35:05Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167423#M41996 Situation: CSWWS 1.3; CGI script, directoryis defined:<BR /><BR /><DIRECTORY><BR /> Options Indexes FollowSymLinks Multiviews<BR /> Order allow,deny<BR />AllowOverride ALL<BR /><LIMIT get="" post=""><BR />AuthType Basic<BR />AuthName "Whatever"<BR />AuthOpenVMSuser On<BR />Require valid-user<BR /></LIMIT><BR /></DIRECTORY><BR /><BR />Mapping of this directory is /wg/cgi/.<BR /><BR />The URL http://server:port/wg/cgi/... requests login, under CSWS control.<BR />However, a non-VMS program wants to access this script over the (internal) network, passing username and password in the URL-header, so the interactive login-sequence by CSWS is bypassed; still, MOD_AUTH_OPENVMS should still check the credentials with VMS. The script and accompanying software will do it's own checks, but only if the user is validated against VMS.<BR /><BR />I'm told it should be possible with this setup, but I couldn't find how to specify username and password in the URL. <BR /><BR />My question is how do I specify these credentials?<BR /><BR />(I know http will send data without encryption, but for the moment, this is no issue (closed network). In the future, we'll use https for transport, but for clearity we would do without to start with) Wed, 01 Apr 2009 18:46:12 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167423#M41996 Willem Grooters 2009-04-01T18:46:12Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167424#M41997 http:/username password/server:port/wg/cpi/ Wed, 01 Apr 2009 22:08:54 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167424#M41997 Cass Witkowski 2009-04-01T22:08:54Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167425#M41998 That doesn't work, at leastr, not using a browser (used to test) Thu, 02 Apr 2009 04:52:38 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167425#M41998 Willem Grooters 2009-04-02T04:52:38Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167426#M41999 Willem,<BR /><BR />The right syntax for defining username and password in URL is:<BR /><BR />http://username:password@hostname:port/<BR /><BR />See specification at page 17 of the RFC.<BR /><BR /><A href="http://www.ietf.org/rfc/rfc1738.txt" target="_blank">http://www.ietf.org/rfc/rfc1738.txt</A><BR /><BR />Bojan Thu, 02 Apr 2009 05:35:05 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167426#M41999 Bojan Nemec 2009-04-02T05:35:05Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167427#M42000 Thanks Bojan, just a minor (?) issue. It works for Mozilla, but not in IE6 (and that's what is used in environment) Thu, 02 Apr 2009 06:30:02 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167427#M42000 Willem Grooters 2009-04-02T06:30:02Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167428#M42001 I may have found the IE6 issue: For a change, IE seems to adhere to a standard. This RFC states for HTTP:<BR />[quote]<BR />An HTTP URL takes the form:<BR /><BR /> http://<HOST>:<PORT>/<PATH>?<SEARCHPART><BR /><BR /> where <HOST> and <PORT> are as described in Section 3.1. If :<PORT> is omitted, the port defaults to 80. No user name or password is allowed.<BR />[/quote]<BR /><BR />Anyway, since it works using FireFox, I can work with it :)<BR /></PORT></PORT></HOST></SEARCHPART></PATH></PORT></HOST> Thu, 02 Apr 2009 07:17:22 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167428#M42001 Willem Grooters 2009-04-02T07:17:22Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167429#M42002 Willem,<BR /><BR />&gt;&gt;&gt;<BR />It works for Mozilla, but not in IE6<BR />&lt;&lt;&lt;<BR /><BR />IMHO, <A href="http://www.end6.org/" target="_blank">http://www.end6.org/</A><BR /><BR />cu,<BR /> Martin Thu, 02 Apr 2009 07:22:32 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167429#M42002 Martin Vorlaender 2009-04-02T07:22:32Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167430#M42003 Willem,<BR /><BR />Microsoft explanation:<BR /><BR /><A href="http://support.microsoft.com/kb/834489" target="_blank">http://support.microsoft.com/kb/834489</A><BR /><BR />Bojan Thu, 02 Apr 2009 08:54:03 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167430#M42003 Bojan Nemec 2009-04-02T08:54:03Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167431#M42004 That explains it. Thu, 02 Apr 2009 10:10:21 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167431#M42004 Willem Grooters 2009-04-02T10:10:21Z https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167432#M42005 See discussion Thu, 02 Apr 2009 10:13:07 GMT https://community.hpe.com/t5/operating-system-openvms/csws-authentication-in-url/m-p/5167432#M42005 Willem Grooters 2009-04-02T10:13:07Z