Solved

Is it possible for a gateway app to tell the HTTP to pass authentication to it?

Posted on 1997-07-02
3
206 Views
Last Modified: 2013-12-25
I can return a 401 error, and get the browser to bring up the authentication window, but I can't get the server to call the gateway afterward.  I would like to have the HTTP server allow access to my gateway, and pass the authentication header onto the gateway app. Then my app would perform the user db look up in its own db.  I heard that you could change the scheme from Basic to something unknown and the server would pass it along, but I haven't been able to make that happen with IIS.  Is this possible?
0
Comment
Question by:mismith
  • 2
3 Comments
 
LVL 2

Accepted Solution

by:
Philippe earned 100 total points
ID: 1828682

mismith,

there is no problem in passing authentication info to a cgi script. Consider following script. If doesn't get authentication info it will output an 401 error. This will get the browser to prompt the user for a password. In next invocation the browser will provide authentication info in the HTTP_AUTHORIZATION environment variable. Your program can then happily parse this and find out if it chooses to serve the user or not.

The script is in shell script and works with CERN httpd. Your milage may vary.

Note that you need to tell the server not to parse the headers when you generate the 401 yourself (I guess you knew that, since you already got this far). For CERN httpd you do this by setting the first three letters of the name of the script to nph (for non-parse-header).

  hope this helps,

     Philippe

#/bin/sh

if [ -n "$HTTP_AUTHORIZATION" ]
then

cat <<EOF
HTTP/1.0 200 OK
Content-type: text/html

<HTML>
<BODY>
<h2>Thank you for submitting following authorization info: </h2>
$HTTP_AUTHORIZATION
</body>
</html>
EOF

else

cat <<EOF
HTTP/1.0 401 Unauthorized
WWW-Authenticate: Basic http://www.your_host/your_directory
 
EOF

fi


0
 
LVL 2

Expert Comment

by:Philippe
ID: 1828683

mismith,

Just a small correction. Although my script works, there is no need to put any URL on the WWW-Authenticate line. The standard usage of that extra info is to specify a realm for which the password will be valid. You could thus change

WWW-Authenticate: Basic http://www.your_host/your_directory

to

WWW-Authenticate: Basic realm="wonderland"

 cheers,

   Philippe

0
 

Author Comment

by:mismith
ID: 1828684
Thanks very much for the reply, but I must not have explained myself well.

The problem I have is not in sending the 401 to the browser but getting the response back after the browser returns the user name and password.  The server sends the 401 through, but then never passes the results back onto my gateway app after the user logs in. I never did set anything to a non-parsed-header, could this be my problem? Could you explain more about the NPH? I couldn't find HTTP_AUTHORIZATION  on IIS?

I don't have a directory or file I want to protect, I just want the gateway app to ask the browser for a username and password, and then use that data to do a look up on my own database. I don't want to use the HTTP servers user-db, because frankly IIS and NT have limited scalability and flexibility and I need a db for some specific tasks.

Your comment indicates it worked for you, I am wondering if it's an IIS problem.
Thanks again for your help.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you get a (Blue Screen of Death), your system writes a small file called a minidump. Your first step is to make certain your computer is setup to record memory dumps. Right click My Computer, choose properties. Click on the advanced tab, an…
It is becoming increasingly popular to have a front-page slider on a web site. Nearly every TV website,  magazine or online news has one on their site, and even some e-commerce sites have one. Today you can use sliders with Joomla, WordPress or …
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question