Article delegate-en/1833 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A1829@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: How to use a passwordfile for authentication ????
19 Aug 2002 20:47:56 GMT feedback@delegate.org (Yutaka Sato)


On 08/16/02(20:00) you peqdqbdyi-6cvkctcxsbnr.ml@ml.delegate.org wrote
in <_A1829@delegate-en.ML_>
 |on my linux machine I have a standard passwordfile.
 |It is create by the htpasswd from apache.
 |This passwordfile is also used by my proxy oops for http authentication.
 |Now I want to use this passwordfile also for authentication with my
 |delegate.
 |The password-file the the standard format :
 |igor:GH3B.g7yGQkXg
 |test:sdgdsfztrzhg5685
 |How can I use it ?????

I wrote about it in
<URL:http://www.delegate.org/mail-lists/archive/delegate/11229> (in Japanese)

DeleGate uses FTP server (or its authentication sub protocol by USER+PASS)
as an authentication server.  You can write your own authentication server
with this interface, as shown in
<URL:http://www.delegate.org/mail-lists/delegate-en/00969> (in English)
Authentication information from HTTP clients (in HTTP Authorization header
with Basic authentication) is passed to the authentication server and
it is authenticated if the FTP login with the given USER+PASS succeeded.

The following is the example of such "authentication server program".
This server checks if or not the specified AUTHURL like "http://server/path"
is accessible with given USER+PASS.  To use the password-file of the apache
HTTP server on your localhost, AUTHURL="http://localhost" will do.

---------------------------------------------------------------------------
#!/bin/sh

#### the URL to be authorized for the USER:PASS
AUTHURL=http://server/path/

echo "220 ready, send username."
read COM USER
USER=`echo $USER|tr -d '\r'`

echo "331 send password."
read COM PASS
PASS=`echo $PASS|tr -d '\r'`

((
STAT=`delegated MYAUTH=$USER:$PASS:http -Fdget $AUTHURL -h|head -1`
echo $STAT | grep '^HTTP/1.. 200'
) 2>&1 ) > /dev/null

if [ $? = 0 ]; then
        echo "230 OK"
else    echo "530 NO"
fi
echo "221 bye."
---------------------------------------------------------------------------

>You can start this auth-server from inetd or as a DeleGate
>server like this:
>
>  delegated -Plocalhost:8888 SERVER=exec XCOM=auth-server.sh

Then you can use this auth-server from HTTP-proxy-DeleGate like this:

  delegated -P8080 SERVER=http \
            AUTHORIZER=localhost/8888 AUTH=proxy:auth PERMIT="*:*:*@localhost"

Cheers,
Yutaka
--
  @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V