HPE Community
Operating System - OpenVMS
1752616 Members
4467 Online
108788 Solutions
New Discussion юеВ

Re: CSWS authentication in URL ?

 
SOLVED
Go to solution
Willem Grooters
Honored Contributor

тАО04-01-2009 11:46 AM

тАО04-01-2009 11:46 AM

CSWS authentication in URL ?

Situation: CSWWS 1.3; CGI script, directoryis defined:


Options Indexes FollowSymLinks Multiviews
Order allow,deny
AllowOverride ALL

AuthType Basic
AuthName "Whatever"
AuthOpenVMSuser On
Require valid-user



Mapping of this directory is /wg/cgi/.

The URL http://server:port/wg/cgi/... requests login, under CSWS control.
However, a non-VMS program wants to access this script over the (internal) network, passing username and password in the URL-header, so the interactive login-sequence by CSWS is bypassed; still, MOD_AUTH_OPENVMS should still check the credentials with VMS. The script and accompanying software will do it's own checks, but only if the user is validated against VMS.

I'm told it should be possible with this setup, but I couldn't find how to specify username and password in the URL.

My question is how do I specify these credentials?

(I know http will send data without encryption, but for the moment, this is no issue (closed network). In the future, we'll use https for transport, but for clearity we would do without to start with)
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
9 REPLIES 9
Cass Witkowski
Trusted Contributor

тАО04-01-2009 03:08 PM

тАО04-01-2009 03:08 PM

Re: CSWS authentication in URL ?

http:/username password/server:port/wg/cpi/
0 Kudos
Willem Grooters
Honored Contributor

тАО04-01-2009 09:52 PM

тАО04-01-2009 09:52 PM

Re: CSWS authentication in URL ?

That doesn't work, at leastr, not using a browser (used to test)
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Bojan Nemec
Honored Contributor

тАО04-01-2009 10:35 PM

тАО04-01-2009 10:35 PM

Solution

Re: CSWS authentication in URL ?

Willem,

The right syntax for defining username and password in URL is:

http://username:password@hostname:port/

See specification at page 17 of the RFC.

http://www.ietf.org/rfc/rfc1738.txt

Bojan
0 Kudos
Willem Grooters
Honored Contributor

тАО04-01-2009 11:30 PM

тАО04-01-2009 11:30 PM

Re: CSWS authentication in URL ?

Thanks Bojan, just a minor (?) issue. It works for Mozilla, but not in IE6 (and that's what is used in environment)
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Willem Grooters
Honored Contributor

тАО04-02-2009 12:17 AM

тАО04-02-2009 12:17 AM

Re: CSWS authentication in URL ?

I may have found the IE6 issue: For a change, IE seems to adhere to a standard. This RFC states for HTTP:
[quote]
An HTTP URL takes the form:

http://:/?

where and are as described in Section 3.1. If : is omitted, the port defaults to 80. No user name or password is allowed.
[/quote]

Anyway, since it works using FireFox, I can work with it :)
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Martin Vorlaender
Honored Contributor

тАО04-02-2009 12:22 AM

тАО04-02-2009 12:22 AM

Re: CSWS authentication in URL ?

Willem,

>>>
It works for Mozilla, but not in IE6
<<<

IMHO, http://www.end6.org/

cu,
Martin
0 Kudos
Bojan Nemec
Honored Contributor

тАО04-02-2009 01:54 AM

тАО04-02-2009 01:54 AM

Re: CSWS authentication in URL ?

Willem,

Microsoft explanation:

http://support.microsoft.com/kb/834489

Bojan
0 Kudos
Willem Grooters
Honored Contributor

тАО04-02-2009 03:10 AM

тАО04-02-2009 03:10 AM

Re: CSWS authentication in URL ?

That explains it.
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Willem Grooters
Honored Contributor

тАО04-02-2009 03:13 AM

тАО04-02-2009 03:13 AM

Re: CSWS authentication in URL ?

See discussion
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.