Operating System - OpenVMS
Showing results for 
Search instead for 
Did you mean: 

Authentication under Apache

Go to solution
Honored Contributor

Authentication under Apache

Does anyone have any info about authenticating a webuser who makes a connection to my Apache server?
As far as I found so far, ALL activities via web-access are done by WWW$APACHE, which is quite hard to trace back to a certain person.
I really would like to validate the accessor against SYSUAF, and allow/restrict access by granted rightsidentifiers, but if there is only a less "clean" way I would be willing to give it serious consideration.
The reason: nowadays the VMS applications are accessed by terminal emulator, but there is a really heavy management incentive that "all" functionality should be accessable "the same way", and for that way they chose Billy's IE.
At the moment serious development pilots are underway to replaced the VMS apps by some MS & some *NIX. To me that looks like spending LOTS of money to get to a reduced functionality with less security, but one GREAT advantage: it shows nice, flashy, colored displays that impress managers better than monochrome screens in character mode (and they can better use it to impress guests).
I would like to keep the VMS stuff and spend much less money, and if I can reach just about the same flashiness, then THAT would hopefully please management even better.

Any help welcome!
Don't rust yours pelled jacker to fine doll missed aches.
Honored Contributor

Re: Authentication under Apache

I wish you luck. If more people realised VMS can have web front ends parhaps less of them would get replaced. For V1.3 There is MOD_AUTH_VMS.

and especically

Purely Personal Opinion
Honored Contributor

Re: Authentication under Apache


Ian, I think I must have missed that one.

A period of excersising & testing is imminent. And then (I hope and expect) the demonstrating and all other political stuff.
Don't rust yours pelled jacker to fine doll missed aches.
Honored Contributor

Re: Authentication under Apache


My experience: This works GREAT: check against SYSUAF on username (password must be valid and non-expired, user must be non-captive, non-disuser....) and on rights_id.
I use these both. I can advise!
only point: passwords are passed as text so the site will require SSL to get it encrypted on the Internet (still working on that ;-()

Willem Grooters
OpenVMS Developer & System Manager