Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

change username on server.

Posted on 1997-10-08
1
Medium Priority
?
165 Views
Last Modified: 2013-12-25
I am using Netscape Enterprise Server 2.01 and am trying to implement some restrictions on directorys on the server.



I have three users; guest, pilot, and staff.

I have a directory hierarchy :-

           db_bin
             |
   +---------+----+----+
   |         |         |
index.cgi   html    cgi-bin
             |         |
          +++++++   ++++++++++++-------+---------+
          some      lots of cgi        |         |
          html      scripts        index.cgi   secure
          files                                  |
                                               ++++++
                                               some more
                                               cgi scripts

The security I'm after is :-

None on db_bin so that the index.cgi scripts can be accessed by anyone.

Any of the users (guest, pilot, staff) on cgi-bin, causing a
Username/password prompt from the link off db_bin/index.cgi to
db_bin/cgi-bin/index.cgi.

Only user staff may run cgi's in db_bin/cgi-bin/secure.

To implement this security, I set the server as described.

I was hoping that, if, after logging in a guest to access
db_bin/cgi-bin/index.cgi, the user tries to access scripts in
db_bin/cgi-bin/secure (accessable only to user staff), they would be
prompted for a Username/password again.

This does not happen. The browser is sent the 'Not Found' page.

WRT the problem I posted and your suggestion, I came across the same
problem. I created a symboloc link db_bin/staff that pointed to
db_bin/cgi-bin, hoping that, when I accessed this link, I would be
prompted for Username and password since I was trying to access
db_bin/staff/index.cgi, which only staff may access. This did not
happen. If I logged in as staff, it would work, otherwise, I got the
'Not Found' page.

Have you any suggestions/clues that you can give me to help solve these
problems.
0
Comment
Question by:dwater
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 4

Accepted Solution

by:
unicorntech earned 100 total points
ID: 1855262
I feel that the answer to the problem would be not in changing permissions or the dir structure - it is more likely to be the fact that enterprise server will return a certain error message for different situation. And rather than presenting a forbidden message or the promt it has been configured to return 400 - not found to all errors. If you run a bad cgi script does the server return this same error code? If so then you need to change the error response code configs. Let me know if this helps,

Regards,

Jason
0

Featured Post

Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FAQ pages provide a simple way for you to supply and for customers to find answers to the most common questions about your company. Here are six reasons why your company website should have a FAQ page
When crafting your “Why Us” page, there are a plethora of pitfalls to avoid. Follow these five tips, and you’ll be well on your way to creating an effective page.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question