[0001] [0002] [0003] [0004] [0005] [0006] [0007] [0008] [0009] [0010] [0011] [0012] [0013] [0014] [0015] [0016] [0017] [0018] [0019] [0020] [0021] [0022] [0023] [0024] [0025] [0026] [0027] [0028] [0029] [0030] [0031] [0032] [0033] [0034] [0035] [0036] [0037] [0038] [0039] [0040] [0041] [0042] [0043] [0044] [0045] [0046] [0047] [0048] [0049] [0050] [0051] [0052] [0053] [0054] [0055] [0056] [0057] [0058] [0059] [0060] [0061] [0062] [0063] [0064] [0065] [0066] [0067] [0068] [0069] [0070] [0071] [0072] [0073] [0074] [0075] [0076] [0077] [0078] [0079] [0080] [0081] [0082] [0083] [0084] [0085] [0086] [0087] [0088]
$! AUTHAGENT_EXAMPLE_PROC.COM $! $! This non-C-language example demonstrates a minimal implementation of $! authentication agent processing. $! $! It also illustrates that a simple wrapper such as this might be used $! to access some command-line authentication mechanism, and the results $! used to establish whether the request should be authenticated or not. $! $! Example of the HTTPD$AUTH rule required to experiment with this: $! $! ["Authentication Agent Procedure"=AUTHAGENT_EXAMPLE_PROC=agent"] $! /some/path/or/other/* $! $! 26-NOV-2009 MGD bugfix; say? $! 10-MAY-2007 MGD belt-and-braces $! 06-SEP-1999 MGD initial $! $ say = "write sys$output" $! $ open /read CgiPlusIn CGIPLUSIN $! $ RequestLoop: $! $! (block waiting for request, this initial read is always discardable) $ read CgiPlusIn /end=EndRequestLoop Line $! $! (initialize, read and save required variables from CGIplus stream) $ WwwAuthAgent = "" $ WwwAuthPassword = "" $ WwwAuthRealm = "" $ WwwRemoteUser = "" $! $ CgiVarLoop: $ read CgiPlusIn /end=EndCgiVarLoop Line $! (empty line indicates end of request's variables) $ if Line .eqs. "" then goto EndCgiVarLoop $ if f$extract(0,15,Line) .eqs. "WWW_AUTH_AGENT=" $ then $ WwwAuthAgent = f$extract(15,999,Line) $ goto CgiVarLoop $ endif $ if f$extract(0,18,Line) .eqs. "WWW_AUTH_PASSWORD=" $ then $ WwwAuthPassword = f$edit(f$extract(18,999,Line),"upcase") $ goto CgiVarLoop $ endif $ if f$extract(0,15,Line) .eqs. "WWW_AUTH_REALM=" $ then $ WwwAuthRealm = f$extract(15,999,Line) $ goto CgiVarLoop $ endif $ if f$extract(0,16,Line) .eqs. "WWW_REMOTE_USER=" $ then $ WwwRemoteUser = f$edit(f$extract(16,999,Line),"upcase") $ goto CgiVarLoop $ endif $ goto CgiVarLoop $ EndCgiVarLoop: $! $! (the actual agent callout) $ say f$trnlnm("CGIPLUSESC") $! $! (ensure we've got everything we need) $ if WwwAuthAgent .eqs. "" .or. WwwAuthPassword .eqs "" .or. - WwwAuthRealm .eqs. "" .or. WwwRemoteUser .eqs. "" $ then $ say "500 implementation error" $ else $! (belt-and-braces, further ensure it cannot be run as a script) $ say "100 AUTHAGENT-CALLOUT" $! (check the authentication information against our "database" ;^) $ if WwwRemoteUser .eqs. "MARK" .and. WwwAuthPassword .eqs. "DANIEL" $ then $ say "200 READ+WRITE" $ else $ say "401 username/password problem" $ endif $ endif $! $! (and of agent callout) $ say f$trnlnm("CGIPLUSEOT") $! $! (and of agent processing) $ say f$trnlnm("CGIPLUSEOF") $ goto RequestLoop $! $ EndRequestLoop: