Setting up CGI access

["Ashwill, Steve (Facilities & Services)" <sa...@uiuc.edu>]

 I have a custom authentication system that uses Perl to do the
authenticating. Can anyone provide me information as to how I can
redirecting incoming requests to use the Perl scripts.  I will the
include the instructions given for IIS.


Configure <BluestemCGI> Directory for CGI Access and <ASPApplDir>
If the BluestemCGI directory in install-nt.conf is not already enabled
for CGI access, see your server's documentation for instructions on how
to do so. 

If you are using IIS, you should be able to create a virtual directory
that is configured correctly using the following steps (or similar): 


Right-click on "My Computer" 
Select "Manage" 
Expand "Services and Applications" 
Expand "Internet Information Services (IIS) Manager" 
Expand "Web Sites" 
Right-click on the web site you want to configure (e.g., "Default Web
Site")
(if you have multiple web sites/virtual directories to configure, you
may need to repeat this and the following steps for each web
site/virtual directory) 
Select "New", then "Virtual Directory". This will start the Virtual
Directory Creation Wizard 
On the first screen of the wizard, fill in the "Alias". This should
match the value of BluestemPfx you set in install-nt.conf (e.g.,
"scripts" or "bluestem") 
On the second screen, fill in the "Path". This should match the value of
BluestemCGI you set in install-nt.conf (e.g., "C:\InetPub\Scripts") 
The third screen is for Access Permissions for the virtual directory.
Ensure that the one for "Execute (such as ISAPI applications or CGI)" is
enabled (i.e., checked). 
If the virtual directory already exists, you should be able to modify
its configuration using the following steps (picking up from step 5
above): 

Expand the web site containing the BluestemCGI directory (e.g., "Default
Web Site") 
Right-click on the virtual directory corresponding to BluestemCGI (e.g.,
"scripts" or "bluestem") 
Select "Properties" 
Select the "Virtual Directory" or "Directory" tab 
Click on the "Execute permissions" pulldown menu button 
Choose the value "Scripts and Executables" (for CGI scripts; for ASP,
"Scripts only" should be sufficient) 
If you are using Windows 2003 Server/IIS 6, you may also need to do the
following steps (again picking up from step 5 above): 

Select "Web Service Extensions" 
Select "Perl CGI Extension" (on the right-hand side pane). The default
is "Prohibited". Click on the "Allow" button to enable it.
[Note: If you need to fill in the value for a required file, as in step
3 above, it should look like '\path\to\perl.exe "%s" %s'; for example,
'C:\Perl\bin\perl.exe "%s" %s'.] 
On Microsoft IIS, it is strongly recommended that you set the "Require
secure SSL channel" for the BluestemCGI directory and all others that
contain Bluestem applications. Otherwise, if a user mistakenly types
http:// instead of https:// in the URL they will get a Bluestem System
problem screen, because Bluestem can not be run without an SSL
connection to the browser. 
You should be able to do this using the following steps (again picking
up from step 5 above): 


Expand the web site containing the BluestemCGI directory (e.g., "Default
Web Site") 
Right-click on the virtual directory corresponding to BluestemCGI (i.e.,
the directory alias you filled in in step 8 above, e.g., "scripts" or
"bluestem") 
Select "Properties" 
Select the "Directory Security" tab 
Click on the "Edit ..." button in the "Secure Communications" section of
the tab (this will only be available if you have a server certificate) 
Ensure that "Require secure channel (SSL)" is enabled 


Can anyone translate this into geronimo?


Steven Ashwill

Re: Setting up CGI access

[David Jencks <da...@yahoo.com>]

Hi,
sorry for the delay.
On Apr 18, 2008, at 7:21 AM, Ashwill, Steve (Facilities & Services)  
wrote:

> I have a custom authentication system that uses Perl to do the
> authenticating. Can anyone provide me information as to how I can
> redirecting incoming requests to use the Perl scripts.  I will the
> include the instructions given for IIS.

I don't think you will have much success using perl inside a java app  
server, at least I don't know how to start thinking about doing it.   
Looking at the bluestem documentation here
https://www-s4.uiuc.edu/bluestem-notes/

i see there is a java implementation of the bluestem client
https://www-s4.uiuc.edu/bluestem-dist/contrib/javabluestem-0.9.1.tar.gz

There are instructions in the included README that look fairly easy to  
follow to install this package to provide application based  
authentication using bluestem.

I'm a bit surprised that there isn't a LoginModule implementation that  
would allow using bluestem with standard javaee container managed  
authentication and authorization.  Although I haven't looked at the  
code I'd expect that it would be pretty easy to write such a  
LoginModule.  If you or the javabluestem author are interested I'd be  
happy to provide advice.

Please let us know if you have problems installing this.

thanks
david jencks


>
>
>
> Configure <BluestemCGI> Directory for CGI Access and <ASPApplDir>
> If the BluestemCGI directory in install-nt.conf is not already enabled
> for CGI access, see your server's documentation for instructions on  
> how
> to do so.
>
> If you are using IIS, you should be able to create a virtual directory
> that is configured correctly using the following steps (or similar):
>
>
> Right-click on "My Computer"
> Select "Manage"
> Expand "Services and Applications"
> Expand "Internet Information Services (IIS) Manager"
> Expand "Web Sites"
> Right-click on the web site you want to configure (e.g., "Default Web
> Site")
> (if you have multiple web sites/virtual directories to configure, you
> may need to repeat this and the following steps for each web
> site/virtual directory)
> Select "New", then "Virtual Directory". This will start the Virtual
> Directory Creation Wizard
> On the first screen of the wizard, fill in the "Alias". This should
> match the value of BluestemPfx you set in install-nt.conf (e.g.,
> "scripts" or "bluestem")
> On the second screen, fill in the "Path". This should match the  
> value of
> BluestemCGI you set in install-nt.conf (e.g., "C:\InetPub\Scripts")
> The third screen is for Access Permissions for the virtual directory.
> Ensure that the one for "Execute (such as ISAPI applications or  
> CGI)" is
> enabled (i.e., checked).
> If the virtual directory already exists, you should be able to modify
> its configuration using the following steps (picking up from step 5
> above):
>
> Expand the web site containing the BluestemCGI directory (e.g.,  
> "Default
> Web Site")
> Right-click on the virtual directory corresponding to BluestemCGI  
> (e.g.,
> "scripts" or "bluestem")
> Select "Properties"
> Select the "Virtual Directory" or "Directory" tab
> Click on the "Execute permissions" pulldown menu button
> Choose the value "Scripts and Executables" (for CGI scripts; for ASP,
> "Scripts only" should be sufficient)
> If you are using Windows 2003 Server/IIS 6, you may also need to do  
> the
> following steps (again picking up from step 5 above):
>
> Select "Web Service Extensions"
> Select "Perl CGI Extension" (on the right-hand side pane). The default
> is "Prohibited". Click on the "Allow" button to enable it.
> [Note: If you need to fill in the value for a required file, as in  
> step
> 3 above, it should look like '\path\to\perl.exe "%s" %s'; for example,
> 'C:\Perl\bin\perl.exe "%s" %s'.]
> On Microsoft IIS, it is strongly recommended that you set the "Require
> secure SSL channel" for the BluestemCGI directory and all others that
> contain Bluestem applications. Otherwise, if a user mistakenly types
> http:// instead of https:// in the URL they will get a Bluestem System
> problem screen, because Bluestem can not be run without an SSL
> connection to the browser.
> You should be able to do this using the following steps (again picking
> up from step 5 above):
>
>
> Expand the web site containing the BluestemCGI directory (e.g.,  
> "Default
> Web Site")
> Right-click on the virtual directory corresponding to BluestemCGI  
> (i.e.,
> the directory alias you filled in in step 8 above, e.g., "scripts" or
> "bluestem")
> Select "Properties"
> Select the "Directory Security" tab
> Click on the "Edit ..." button in the "Secure Communications"  
> section of
> the tab (this will only be available if you have a server certificate)
> Ensure that "Require secure channel (SSL)" is enabled
>
>
> Can anyone translate this into geronimo?
>
>
> Steven Ashwill