[0001]
[0002]
[0003]
[0004]
[0005]
[0006]
[0007]
[0008]
[0009]
[0010]
[0011]
[0012]
[0013]
[0014]
[0015]
[0016]
[0017]
[0018]
[0019]
[0020]
[0021]
[0022]
[0023]
[0024]
[0025]
[0026]
[0027]
[0028]
[0029]
[0030]
[0031]
[0032]
[0033]
[0034]
[0035]
[0036]
[0037]
[0038]
[0039]
[0040]
[0041]
[0042]
[0043]
[0044]
[0045]
[0046]
[0047]
[0048]
[0049]
[0050]
[0051]
[0052]
[0053]
[0054]
[0055]
[0056]
[0057]
[0058]
[0059]
[0060]
[0061]
[0062]
[0063]
[0064]
[0065]
[0066]
[0067]
[0068]
[0069]
[0070]
[0071]
[0072]
[0073]
[0074]
[0075]
[0076]
[0077]
[0078]
[0079]
[0080]
[0081]
[0082]
[0083]
[0084]
[0085]
[0086]
[0087]
[0088]
$! AUTHAGENT_EXAMPLE_PROC.COM
$!
$! This non-C-language example demonstrates a minimal implementation of
$! authentication agent processing.
$!
$! It also illustrates that a simple wrapper such as this might be used
$! to access some command-line authentication mechanism, and the results
$! used to establish whether the request should be authenticated or not.
$!
$! Example of the HTTPD$AUTH rule required to experiment with this:
$!
$! ["Authentication Agent Procedure"=AUTHAGENT_EXAMPLE_PROC=agent"]
$! /some/path/or/other/*
$!
$! 26-NOV-2009 MGD bugfix; say?
$! 10-MAY-2007 MGD belt-and-braces
$! 06-SEP-1999 MGD initial
$!
$ say = "write sys$output"
$!
$ open /read CgiPlusIn CGIPLUSIN
$!
$ RequestLoop:
$!
$! (block waiting for request, this initial read is always discardable)
$ read CgiPlusIn /end=EndRequestLoop Line
$!
$! (initialize, read and save required variables from CGIplus stream)
$ WwwAuthAgent = ""
$ WwwAuthPassword = ""
$ WwwAuthRealm = ""
$ WwwRemoteUser = ""
$!
$ CgiVarLoop:
$ read CgiPlusIn /end=EndCgiVarLoop Line
$! (empty line indicates end of request's variables)
$ if Line .eqs. "" then goto EndCgiVarLoop
$ if f$extract(0,15,Line) .eqs. "WWW_AUTH_AGENT="
$ then
$ WwwAuthAgent = f$extract(15,999,Line)
$ goto CgiVarLoop
$ endif
$ if f$extract(0,18,Line) .eqs. "WWW_AUTH_PASSWORD="
$ then
$ WwwAuthPassword = f$edit(f$extract(18,999,Line),"upcase")
$ goto CgiVarLoop
$ endif
$ if f$extract(0,15,Line) .eqs. "WWW_AUTH_REALM="
$ then
$ WwwAuthRealm = f$extract(15,999,Line)
$ goto CgiVarLoop
$ endif
$ if f$extract(0,16,Line) .eqs. "WWW_REMOTE_USER="
$ then
$ WwwRemoteUser = f$edit(f$extract(16,999,Line),"upcase")
$ goto CgiVarLoop
$ endif
$ goto CgiVarLoop
$ EndCgiVarLoop:
$!
$! (the actual agent callout)
$ say f$trnlnm("CGIPLUSESC")
$!
$! (ensure we've got everything we need)
$ if WwwAuthAgent .eqs. "" .or. WwwAuthPassword .eqs "" .or. -
WwwAuthRealm .eqs. "" .or. WwwRemoteUser .eqs. ""
$ then
$ say "500 implementation error"
$ else
$! (belt-and-braces, further ensure it cannot be run as a script)
$ say "100 AUTHAGENT-CALLOUT"
$! (check the authentication information against our "database" ;^)
$ if WwwRemoteUser .eqs. "MARK" .and. WwwAuthPassword .eqs. "DANIEL"
$ then
$ say "200 READ+WRITE"
$ else
$ say "401 username/password problem"
$ endif
$ endif
$!
$! (and of agent callout)
$ say f$trnlnm("CGIPLUSEOT")
$!
$! (and of agent processing)
$ say f$trnlnm("CGIPLUSEOF")
$ goto RequestLoop
$!
$ EndRequestLoop: