give access to a protected server to all clients?

Is it possible to give access to a username/password protected server without asking all users a password?

Here's the scheme:

clientA ---}
clientB ---}-open--> serverA  ---protected----> serverB
clientC ---}

clientD --------------------------------------> serverB

I want to give access to serverB to anyone who accesses serverA. If you're allowed to access serverA, serverB is OK also.

But it should not be possible to access serverB directly.

It seems that installing a proxy-server could do the job, but that seems a little overkill to me, since proxy-servers can do much more.

I was thinking of writing a CGI-script that adds some a
Authorize: xxxxxxxxxx header to the request to serverA and resend it to serverB.

Is this possible and how should it be done?
haaymanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

PhilippeCommented:

haayman,

A simple way to give access to a procted server (B) from another server (A) is to set up a cgi script that uses a program to download the pages from B. I have done this using lynx (you can get lynx from http://www.crl.com/~subir/lynx.html ). Lynx will set up the Authorize string for you download the document and output the html.

You can use a .htaccess file to protect the documents on B and the cgi script on A. If your server doesn't allow you to protect cgi scripts, see my answer to mismith in this same topic
 http://www.experts-exchange.com/topics/comp/www/cgi//Q.8630008825

Here is a simple shell script (make that a batfile if you're on nt/95). "username:password" are the username and password required to access the documents on B.


#/bin/sh
echo "Content-type: text/html"
echo
 
lynx -source -auth=username:pw http://www.B.com/protected_stuff


  hope this helps,

    Philippe

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
haaymanAuthor Commented:
It partly works.
But how do I handle all references in the returned HTML to e.g. pictures etc.?

e.g.
Through the CGI-script I get a HTML-file back like:

<html>
<img src=/pictures/img.gif>
<form action=/cgi-bin/action.cgi>
...
</html>

How should I handle these URL's? The client expects these to be present at server A.

0
PhilippeCommented:

Haayman,

I would do the follwoing, supposing your server A is a unix machine. Run the output of lynx through sed to replace relative URLs and absolute URLs pointing to B with a URL pointing to the cgi script on A with the orginal url as parameter. Note that you'll have to use the -mime_header option of lynx since not all documents will be html.

If your system really is unix and if you're not familiar with sed I could write the script for you tomorrow, if you put it up as a question

I hope this helps, it's all I can do today.

  cheers,

    Philippe


0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Scripting Languages

From novice to tech pro — start learning today.