I am using Netscape Enterprise Server 2.01 and am trying to implement some restrictions on directorys on the server.
I have three users; guest, pilot, and staff.
I have a directory hierarchy :-
| | |
index.cgi html cgi-bin
some lots of cgi | |
html scripts index.cgi secure
The security I'm after is :-
None on db_bin so that the index.cgi scripts can be accessed by anyone.
Any of the users (guest, pilot, staff) on cgi-bin, causing a
Username/password prompt from the link off db_bin/index.cgi to
Only user staff may run cgi's in db_bin/cgi-bin/secure.
To implement this security, I set the server as described.
I was hoping that, if, after logging in a guest to access
db_bin/cgi-bin/index.cgi, the user tries to access scripts in
db_bin/cgi-bin/secure (accessable only to user staff), they would be
prompted for a Username/password again.
This does not happen. The browser is sent the 'Not Found' page.
WRT the problem I posted and your suggestion, I came across the same
problem. I created a symboloc link db_bin/staff that pointed to
db_bin/cgi-bin, hoping that, when I accessed this link, I would be
prompted for Username and password since I was trying to access
db_bin/staff/index.cgi, which only staff may access. This did not
happen. If I logged in as staff, it would work, otherwise, I got the
'Not Found' page.
Have you any suggestions/clues that you can give me to help solve these