Handling Multiusers in PHWEB ( the late shift )

Joe Boyle joeboyle_adt@hotmail.com
Thu, 4 Nov 2004 16:21:34 -0000 

Hi Jon ( all ),

Hi Jon,

from Brian's suggested script I am guessing that he wants to run the process
actually logged in as the user concerned, which is a solution I would be
interested in myself.

I have looked at your email again and your comment below, which suggests
that your solution only simulates actually being logged in ( which is also
great if that is what you want :-)

'The actual logonid of the session is still the web server administrator,
but the temp space is effectively that of the true userid (and the true
userid is available as an environmental variable for  all downstream
processes).'


I like the rlogin idea and wonder if it isn't possible to put the $2
variable on the second line, to be picked up by the password request prompt,
as below ? ( it's a while since I ran a rlogin call and I am assuming that 
there is a password prompt at this point )

rlogin theserver -l $1

$2

Regards, Joe.

This e-mail and all information contained in it is confidential and may be
legally privileged. If you are not the intended recipient, your access to
this e-mail is unauthorized. Any use, dissemination, distribution,
publication or copying by you of this e-mail or any of the information
contained within it is prohibited and may be unlawful. Do not open any
attachments, delete it immediately from your system and notify the sender
promptly by e-mail that you have done so. The content of this 
e-mail and any attachments sent with it may have been altered without the
consent or knowledge of the author.

-----Original Message-----
From: powerh-l-admin@lists.sowder.com
[mailto:powerh-l-admin@lists.sowder.com] On Behalf Of Bickel, Jon
Sent: 04 November 2004 14:42
To: powerh-l@lists.sowder.com
Subject: RE: Handling Multiusers in PHWEB ( the late shift )

Brian, 

For login id, please refer to my post a few days ago on this topic.  If you
need the specific Perl syntax, please feel free to mail me directly with
specific questions.

jb

-----Original Message-----
From: brian_matthewsbrian matthews
[mailto:brian_matthews_bmw@hotmail.com]
Sent: Wednesday, November 03, 2004 10:54 PM
To: BickelJ@USFilter.com; powerh-l@lists.sowder.com
Subject: RE: Handling Multiusers in PHWEB ( the late shift )


how about running a script as below from a sign in page where the user 
enters both a valid unix loginid and password ( in noecho fields ). The only

thing that I'm unclear on is how to get the password ( $2 ) into the rlogin 
command - any ideas ?

let t_get_vars_string = "/usr/bin/phwrscripts/get_user_vars.sh " + f_userid 
+ " " + f_passwd
run command t_get_vars_string

script get_user_vars.sh is below,

#! /usr/bin/ksh
rlogin theserver -l $1

quiz auto...
qtp auto=...
..
exit

The script then calls a qtp to create a record using the loginid and 
password as a key (which can only happen if the rlogin is successful ). The 
qtp would run getsystemvals to sysvars such as $HOME etc and update the 
record with them. Onnce the screen/page gets the details $HOME etc into 
temps it deletes the record.

field f_userid noecho
field f_passwd noecho

let t_get_vars_string = "get_user_vars.sh " + f_userid + " " + f_passwd
run command t_get_vars_string

get qtp_var_rec using f_userid via ... optional
if not accessok
then error "invalid login details for user " + f_userid


Bri

>From: "Bickel, Jon" <BickelJ@USFilter.com>
>To: powerh-l@lists.sowder.com
>Subject: RE: Handling Multiusers in PHWEB
>Date: Mon, 1 Nov 2004 14:46:19 -0500
>
>Apache creates the server side session as the userid running the listening
>web server process(i.e. root, oracle, apache, etc...), not as the userid on
>making the request on the browsing machine.  So, $HOME and $LOGNAME will
>always return the same value (the web server process owner) no matter what
>the userid is on the machine with the browser making the request.
>
>Hence the generic need to query for, verify (optional), pass, and set the
>true userid or some other means of unique identification.
>
>jb
>
>-----Original Message-----
>From: brian_matthewsbrian matthews
>[mailto:brian_matthews_bmw@hotmail.com]
>Sent: Monday, November 01, 2004 1:21 PM
>To: powerh-l@lists.sowder.com
>Subject: RE: Handling Multiusers in PHWEB
>
>
>we don't have Apache, but I can't help feeling that the comment below
>contains the solution.
>Is it possible that $HOME exists within Apache after login, and could be
>accessed directly using syntax like 'let t_subdir=getsytemval("HOME")'.
>
>Also is $LOGNAME set also and available in the same way, which means that
>you need not prompt the user for the userid.
>
>Bri,
>
>
> >From: "Joe Boyle" <joeboyle_adt@hotmail.com>
> >To: "'I H LIM'" <infojenama@yahoo.com>
> >CC: <powerh-l@lists.sowder.com>
> >Subject: RE: Handling Multiusers in PHWEB
> >Date: Wed, 27 Oct 2004 16:47:26 +0100
> >
> >Hi again Han,
> >
> >
> >
> >I sent the email below this email to the list so that others could 
>comment
> >or add details/suggestions of their own.
> >
> >However, you/they won't see it at the list because they impose a 40 KB
> >email
> >size limit, which the email exceeded.
> >
> >
> >
> >They will see this one because I cut out earlier stuff :-)
> >
> >
> >
> >I have a little more on obtaining the $HOME value.  This is from old 
>notes
> >so it may need modifying, try something like that below,
> >
> >
> >
> >run command "THEHOME =`grep 'username entered' /etc/passwd | awk '{print
> >$6}'` "
> >
> >let t_subdir=getsytemval("THEHOME")
> >
> >
> >
> >Regards, Joe.
> >
> >   _____
> >
> >From: Joe Boyle [mailto:joeboyle_adt@hotmail.com]
> >Sent: 27 October 2004 15:43
> >To: 'I H LIM'
> >Cc: powerh-l@lists.sowder.com
> >Subject: RE: Handling Multiusers in PHWEB
> >
> >
> >
> >Hi Han,
> >
> >
> >
> >it is always best to reply to the list (powerh-l@lists.sowder.com), 
>rather
> >than individuals.  The reason I say this is that I have a limited amount 
>of
> >knowledge when it comes to Unix specifics, but someone on the list will
> >usually offer more information.
> >
> >
> >
> >In this case, you could ask the user to enter their Unix login name in 
>the
> >Phweb login page. You could then use awk to interrogate the file ( the
> >passwd file as Jon said earlier ) containing the user's login details 
>which
> >includes the default login directory, put the value in a temporary item 
>and
> >then send the value from page to page - this could then be used as below,
> >
> >
> >
> >temp t_subdir char*40 reset at startup ( set in the phweb 1st page )
> >
> >
> >
> >temp t_subname char*80 reset at startup ( set in each page from where you
> >are going to call quiz/qtp )
> >
> >
> >
> >postpath procedure
> >
> >begin
> >
> >
> >
> >let t_subname char*50 = truncate ( t_subdir ) &
> >
> >         + "\subfile_of_qz890"
> >
> >
> >
> >if not setsystemval ( " subnamvar " , t_subname )   &
> >
> >then error did not set unique subfile var subnamvar
> >
> >
> >
> >end
> >
> >
> >
> >when you want to write to the subfile, use syntax like that below,
> >
> >
> >
> >quiz 'set sub name $subnamvar keep etc.'
> >
> >qtp  'sub  $subnamvar keep include etc.'
> >
> >
> >
> >when you want to access the subfile in quiz/qtp use
> >
> >
> >
> >'access $subnamvar'
> >
> >
> >
> >if you want to access the subfile in the Phweb page use
> >
> >
> >
> >'file * $subnamvar primary etc.'
> >
> >If you are going to AT the job, you would need to write the setting of 
>the
> >variable into the script file.
> >
> >Regards, Joe.
> >
> >This e-mail and all information contained in it is confidential and may 
>be
> >legally privileged. If you are not the intended recipient, your access to
> >this e-mail is unauthorized. Any use, dissemination, distribution,
> >publication or copying by you of this e-mail or any of the information
> >contained within it is prohibited and may be unlawful. Do not open any
> >attachments, delete it immediately from your system and notify the sender
> >promptly by e-mail that you have done so. The content of this e-mail and
> >any
> >attachments sent with it may have been altered without the consent or
> >knowledge of the author.
> >
> >   _____
> >
> >From: I H LIM [mailto:infojenama@yahoo.com]
> >Sent: 27 October 2004 10:42
> >To: Joe Boyle
> >Subject: RE: Handling Multiusers in PHWEB
> >
> >
> >
> >Hi Joe,
> >
> >
> >
> >Actually we are trying to retain the same subfile name and let Phweb Quiz
> >handle like PH quiz in Unix user directory. Is there a way to relate 
>Apache
> >to activate unix login such that each login will in unix multiusers
> >environment ?
> >
> >Thanks.
> >
> >Regards,
> >
> >Han
> >
> >
> >
> >
> >
>
>_________________________________________________________________
>Use MSN Messenger to send music and pics to your friends
>http://www.msn.co.uk/messenger
>
>= = = = = = = = = = = = = = = = = = = = = = = = = = = =
>Mailing list: powerh-l@lists.sowder.com
>Subscribe: "subscribe" in message body to powerh-l-request@lists.sowder.com
>Unsubscribe: "unsubscribe <password>" in message body to
>powerh-l-request@lists.sowder.com
>http://lists.sowder.com/mailman/listinfo/powerh-l
>This list is closed, thus to post to the list you must be a subscriber.
>= = = = = = = = = = = = = = = = = = = = = = = = = = = =
>Mailing list: powerh-l@lists.sowder.com
>Subscribe: "subscribe" in message body to powerh-l-request@lists.sowder.com
>Unsubscribe: "unsubscribe <password>" in message body to 
>powerh-l-request@lists.sowder.com
>http://lists.sowder.com/mailman/listinfo/powerh-l
>This list is closed, thus to post to the list you must be a subscriber.

_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today! 
http://www.msn.co.uk/messenger
= = = = = = = = = = = = = = = = = = = = = = = = = = = =
Mailing list: powerh-l@lists.sowder.com
Subscribe: "subscribe" in message body to powerh-l-request@lists.sowder.com
Unsubscribe: "unsubscribe <password>" in message body to
powerh-l-request@lists.sowder.com
http://lists.sowder.com/mailman/listinfo/powerh-l
This list is closed, thus to post to the list you must be a subscriber.