Handling Multiusers in PHWEB

Bickel, Jon BickelJ@USFilter.com
Mon, 1 Nov 2004 14:46:19 -0500 

Apache creates the server side session as the userid running the listening
web server process(i.e. root, oracle, apache, etc...), not as the userid on
making the request on the browsing machine.  So, $HOME and $LOGNAME will
always return the same value (the web server process owner) no matter what
the userid is on the machine with the browser making the request.

Hence the generic need to query for, verify (optional), pass, and set the
true userid or some other means of unique identification.

jb

-----Original Message-----
From: brian_matthewsbrian matthews
[mailto:brian_matthews_bmw@hotmail.com]
Sent: Monday, November 01, 2004 1:21 PM
To: powerh-l@lists.sowder.com
Subject: RE: Handling Multiusers in PHWEB


we don't have Apache, but I can't help feeling that the comment below 
contains the solution.
Is it possible that $HOME exists within Apache after login, and could be 
accessed directly using syntax like 'let t_subdir=getsytemval("HOME")'.

Also is $LOGNAME set also and available in the same way, which means that 
you need not prompt the user for the userid.

Bri,


>From: "Joe Boyle" <joeboyle_adt@hotmail.com>
>To: "'I H LIM'" <infojenama@yahoo.com>
>CC: <powerh-l@lists.sowder.com>
>Subject: RE: Handling Multiusers in PHWEB
>Date: Wed, 27 Oct 2004 16:47:26 +0100
>
>Hi again Han,
>
>
>
>I sent the email below this email to the list so that others could comment
>or add details/suggestions of their own.
>
>However, you/they won't see it at the list because they impose a 40 KB 
>email
>size limit, which the email exceeded.
>
>
>
>They will see this one because I cut out earlier stuff :-)
>
>
>
>I have a little more on obtaining the $HOME value.  This is from old notes
>so it may need modifying, try something like that below,
>
>
>
>run command "THEHOME =`grep 'username entered' /etc/passwd | awk '{print
>$6}'` "
>
>let t_subdir=getsytemval("THEHOME")
>
>
>
>Regards, Joe.
>
>   _____
>
>From: Joe Boyle [mailto:joeboyle_adt@hotmail.com]
>Sent: 27 October 2004 15:43
>To: 'I H LIM'
>Cc: powerh-l@lists.sowder.com
>Subject: RE: Handling Multiusers in PHWEB
>
>
>
>Hi Han,
>
>
>
>it is always best to reply to the list (powerh-l@lists.sowder.com), rather
>than individuals.  The reason I say this is that I have a limited amount of
>knowledge when it comes to Unix specifics, but someone on the list will
>usually offer more information.
>
>
>
>In this case, you could ask the user to enter their Unix login name in the
>Phweb login page. You could then use awk to interrogate the file ( the
>passwd file as Jon said earlier ) containing the user's login details which
>includes the default login directory, put the value in a temporary item and
>then send the value from page to page - this could then be used as below,
>
>
>
>temp t_subdir char*40 reset at startup ( set in the phweb 1st page )
>
>
>
>temp t_subname char*80 reset at startup ( set in each page from where you
>are going to call quiz/qtp )
>
>
>
>postpath procedure
>
>begin
>
>
>
>let t_subname char*50 = truncate ( t_subdir ) &
>
>         + "\subfile_of_qz890"
>
>
>
>if not setsystemval ( " subnamvar " , t_subname )   &
>
>then error did not set unique subfile var subnamvar
>
>
>
>end
>
>
>
>when you want to write to the subfile, use syntax like that below,
>
>
>
>quiz 'set sub name $subnamvar keep etc.'
>
>qtp  'sub  $subnamvar keep include etc.'
>
>
>
>when you want to access the subfile in quiz/qtp use
>
>
>
>'access $subnamvar'
>
>
>
>if you want to access the subfile in the Phweb page use
>
>
>
>'file * $subnamvar primary etc.'
>
>If you are going to AT the job, you would need to write the setting of the
>variable into the script file.
>
>Regards, Joe.
>
>This e-mail and all information contained in it is confidential and may be
>legally privileged. If you are not the intended recipient, your access to
>this e-mail is unauthorized. Any use, dissemination, distribution,
>publication or copying by you of this e-mail or any of the information
>contained within it is prohibited and may be unlawful. Do not open any
>attachments, delete it immediately from your system and notify the sender
>promptly by e-mail that you have done so. The content of this e-mail and 
>any
>attachments sent with it may have been altered without the consent or
>knowledge of the author.
>
>   _____
>
>From: I H LIM [mailto:infojenama@yahoo.com]
>Sent: 27 October 2004 10:42
>To: Joe Boyle
>Subject: RE: Handling Multiusers in PHWEB
>
>
>
>Hi Joe,
>
>
>
>Actually we are trying to retain the same subfile name and let Phweb Quiz
>handle like PH quiz in Unix user directory. Is there a way to relate Apache
>to activate unix login such that each login will in unix multiusers
>environment ?
>
>Thanks.
>
>Regards,
>
>Han
>
>
>
>
>

_________________________________________________________________
Use MSN Messenger to send music and pics to your friends 
http://www.msn.co.uk/messenger

= = = = = = = = = = = = = = = = = = = = = = = = = = = =
Mailing list: powerh-l@lists.sowder.com
Subscribe: "subscribe" in message body to powerh-l-request@lists.sowder.com
Unsubscribe: "unsubscribe <password>" in message body to
powerh-l-request@lists.sowder.com
http://lists.sowder.com/mailman/listinfo/powerh-l
This list is closed, thus to post to the list you must be a subscriber.