You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "Craig W. Wright" <cr...@cometsolutions.com> on 2002/08/21 21:59:20 UTC

Running user programs via apache.

Hello, 

I'm not sure if this is the right place to post this question, but I
can't even find a succinct way to phrase it so that I can look elsewhere
(google or such).

I'm running an apache web server on Redhat 7.3, and there are some
user accounts. My example user will be "demo". We have a CORBA enabled
application called comet that I would like to be able to start as "demo"
through the web server. Right now I'm doing this through a cgi script.

Basically this script (which is attached) checks the argument "user" for
a user name and tries to rsh to the localhost as that user. The "demo"
user's .rhosts file contains an entry:

localhost apache

Through rsh I start up my process (comet), and get a string that
represents a CORBA object from it (an IOR). 

I then pass the IOR back as the result of the cgi script. There are also
some error cases, but that's just noise. 

The main problem here is that I'm using rsh and there is no
authentication.

That's ok right now. It's on my LAN, but this needs to be MUCH more
secure in the near future.

Is there a good method to authenticate "demo" with his system password
and then start up a process as "demo" without having to resort to this
rsh crap? 

Thank you in advance for any help. 

Craig.

P.S. I'm not subscribed to the list so if you could CC me on any 
replies I would appreciate it.



-- 

+---------------------------------+
| Craig W. Wright                 |
| craig.wright@cometsolutions.com | 
|                                 |
| CoMeT Solutions Inc.            |
| 11811 Menaul Blvd. NE, #1       |
| Albuquerque, NM 87112 USA       |
| (505) 323-2525                  |
+---------------------------------+

Re: Running user programs via apache.

Posted by Jacob Coby <jc...@listingbook.com>.

>>The main problem here is that I'm using rsh and there is no
authentication.

That's ok right now. It's on my LAN, but this needs to be MUCH more
secure in the near future.

Is there a good method to authenticate "demo" with his system password
and then start up a process as "demo" without having to resort to this
rsh crap? <<

Look up ssh (OpenSSH) and trusted certificates (I think that's the term).
SSH will allow you to sign a certificate in leu of sending an actual
password.  All you need to login then is the username and the trusted cert.

-Jacob
http://www.listingbook.com


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org