Article delegate-en/2697 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2696@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: How force hosts to authenticate
01 Jul 2004 19:41:53 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


In message <_A2696@delegate-en.ML_> on 07/02/04(02:37:53)
you "Salvatore Tarallo \(starallo\)" <prafabdyi-jfbrsz3nmvxr.ml@ml.delegate.org> wrote:
 |I'm running the latest delegate under Win2k.
 |Eveything seems to work fine with the exception of the
 |authentication/authorization.
 |My objective is to have all access via http to sites only allowed with
 |an authentication with the exception of specific sites.
 |I went through the manual and the other posts to no avail.
 |I could successful force proxy authentication using
 |AUTHORIZER="-list{test:test}" but it doesn't seem to work if I add a
 |connMap parameter.
 |For example I tried : AUTHORIZER="-list{test:test}:http:*.com:*"  with
 |the intent of requesting an authentication for all clients accessing any
 |.com site but no authentication is triggered.
 |Am I on the right way ? 

Yes.  I found that AUTHORIZER with connMap is not working because
the destination information, to be matched with connMap, is not parsed 
before applying the connMap for AUTHORIZER.  I will fix it as the
enclosed patch.  Thank you.

Cheers,
Yutaka
--
  D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** dist/delegate8.9.6-pre6/src/http.c	Fri Jun 25 03:28:08 2004
--- src/http.c	Fri Jul  2 04:35:18 2004
***************
*** 6504,6509 ****
--- 6504,6514 ----
  		goto EXIT;
  	}
  
+ 	/* parse request before applying AUTHORIZER */
+ 	HTTP_getHost(Conn,REQ,REQ_FIELDS);
+ 	if( rewriteRequest(Conn,QX,fc,tc) < 0 )
+ 		goto EXIT;
+ 
  	if( CTX_auth(Conn,NULL,NULL) ) /* with AUTHORIZER */
  	if( ClientAuthUser[0] == 0 )
  	{
***************
*** 6522,6530 ****
--- 6527,6537 ----
  	if( doMaxHops(Conn,QX,fc,tc) )
  		goto EXIT;
  
+ /*
  	HTTP_getHost(Conn,REQ,REQ_FIELDS);
  	if( rewriteRequest(Conn,QX,fc,tc) < 0 )
  		goto EXIT;
+ */
  
  	if( withMountAUTHORIZER(Conn) )
  	if( ClientAuthUser[0] == 0 )

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V