------------------------------------------------------------------
Netscape Server CGI Authorization Patch v.1.00
(c) 1996 Digital Creations, L.C.
------------------------------------------------------------------
The Netscape FastTrack CGI Authorization Patch is an NSAPI add-in
module which fixes a "feature" of Netscape Enterprise & FastTrack web
servers which prevents CGI scripts from receiving a WWW client's
HTTP_AUTHORIZATION header in the environment they run in. Without it,
you cannot control or verify authorization from a CGI script: any
authorized users & passwords must be explicitly registered in a server
password database via the admin server in order to implement restricted
access to CGI scripts. This is unacceptable in any dynamic application
which needs to manage its own access control.

This module is a work-around which finds any HTTP_AUTHORIZATION headers
in a request, and makes the value of this header available to CGI scripts
by copying it to the environment variable HTTP_CGI_AUTHORIZATION.
(Note that this module does *not* provide in any way for the parsing or
decoding of this header -- it merely makes the encoded string available
to CGI scripts.)
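
How a CGI script might consume HTTP_CGI_AUTHORIZATION once the module is installed, as an added example (not part of this distribution or Digital Creations' code). It assumes Basic authentication; the user store, salt, realm name and function names are hypothetical. The value is only Base64-encoded, so the script treats the environment as holding a plaintext-equivalent password and never echoes or logs it.

```python
import base64
import hashlib
import hmac
import os

SALT = b"constructed-salt"  # constructed value for this example

def _kdf(password):
    # Slow hash so the script never stores or compares raw passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), SALT, 100_000)

# Hypothetical application-managed user store: name -> derived key.
USERS = {"alice": _kdf("s3cret:pw")}

def parse_basic(header):
    """Return (user, password) from a 'Basic <base64>' value, else None."""
    if not header:
        return None
    scheme, _, encoded = header.strip().partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
    except ValueError:  # malformed Base64 or not UTF-8
        return None
    user, sep, password = decoded.partition(":")  # password may contain ':'
    return (user, password) if sep and user else None

def authenticate(environ, users=USERS):
    """Return the verified user name, or None if the request is not authorized."""
    creds = parse_basic(environ.get("HTTP_CGI_AUTHORIZATION"))
    if creds is None:
        return None
    user, password = creds
    expected = users.get(user, b"\0" * 32)  # dummy key: same work for unknown users
    ok = hmac.compare_digest(_kdf(password), expected)
    return user if ok and user in users else None

def respond(environ):
    """Build the CGI response: 401 challenge, or the protected content."""
    user = authenticate(environ)
    if user is None:
        return 'Status: 401 Unauthorized\r\nWWW-Authenticate: Basic realm="cgi"\r\n\r\n'
    return "Content-Type: text/plain\r\n\r\nHello, %s\n" % user

if __name__ == "__main__":
    print(respond(os.environ), end="")
```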
------------------------------------------------------------------
Prerequisites
------------------------------------------------------------------
Netscape Enterprise or FastTrack web server
------------------------------------------------------------------
Supported Platforms
------------------------------------------------------------------
The authorization patch has been tested on and is
available for the following platforms:
OSF/1 v3.2
Solaris v2.4
Win32 (Windows NT 3.5+, Windows 95)
------------------------------------------------------------------
Installation
------------------------------------------------------------------
Installation instructions are provided for applying this patch
module on UNIX or Win32 platforms.

IMPORTANT: In all instructions, <server_home> is used to denote
the directory where your FastTrack server is installed.

UNIX Platforms
--------------
IMPORTANT: You will generally need root access to modify
the webserver configuration files!

(1) Create a new directory named nscgiauth in your server's
    plugin directory (generally <server_home>/plugins).
    Unpack the distribution file.
    The shared library containing the patch is: nscgi-auth.so
    Copy this file to the directory you just created.

(2) If you have a FastTrack server, append the following 2 lines to
    your server's "magnus.conf" file. If you have Enterprise server,
    add these to the beginning of your "obj.conf" file:

      Init fn=load-modules shlib=<server_home>/plugins/nscgiauth/nscgi-auth.so funcs=cgiauth-initialize,cgiauth-nametrans
      Init fn=cgiauth-initialize

(3) Add the following as the *first line* of the "default"
    object definition in the server's "obj.conf" file:

      NameTrans fn="cgiauth-nametrans"

(4) Restart the server.

Win32 Platforms
---------------
IMPORTANT: You will generally need administrator privileges to install
the patch on Windows NT.

(1) Create a new directory named nscgiauth in your server's
    plugin directory (generally <server_home>/plugins).
    Unpack the distribution file.
    The shared library containing the patch is: nscgi-auth.dll
    Copy this file to the directory you just created.

(2) If you have a FastTrack server, append the following 2 lines to
    your server's "magnus.conf" file. If you have Enterprise server,
    add these to the beginning of your "obj.conf" file:

      Init fn=load-modules shlib=<server_home>/plugins/nscgiauth/nscgi-auth.dll funcs=cgiauth-initialize,cgiauth-nametrans
      Init fn=cgiauth-initialize

(3) Add the following as the *first line* of the "default"
    object definition in the server's "obj.conf" file:

      NameTrans fn="cgiauth-nametrans"

(4) Restart the server.
------------------------------------------------------------------
Release Notes
------------------------------------------------------------------
NSCGI_AUTH 1.00 beta1 (08/21/96) -- Initial release
----------------------------------------------------
In the initial release, every CGI script that runs will have
HTTP_CGI_AUTHORIZATION placed in its environment by
the server *if* an HTTP_AUTHORIZATION header was received
from the client. Future releases may require explicit
modifications to server config files to control which
URI matches (like "/joebob/cgi-bin/*") will be passed
the HTTP_CGI_AUTHORIZATION variable.