total Newbie question

kbutterly

Good afternoon, all,

I apologize in advance for my ignorance. Please point me to the
correct place if there is a better location for me to post my question
to.

I have an HTML page, redirect.html, on a Linux server that is presented
after RSA authentication. I can edit this HTML page. I need to get
the validated userName to a ColdFusion page on a different Linux
server.

The environment variable Remote_User contains the validated userName
and is defined in that page, but I can't get to it with HTML or
Javascript. (Can I?)

So my idea was to redirect to a CGI script that could access
$ENV{"REMOTE_USER"} and then use this variable to post to the
ColdFusion page.

Does this make sense? How can I do this? I apologize for my
ignorance.

Any ideas, resources, war stories, or good clean joke would be greatly
appreciated,
Kathryn
 
Matt Garrish

> Good afternoon, all,
>
> I apologize in advance for my ignorance. Please point me to the
> correct place if there is a better location for me to post my question
> to.
>
> I have an HTML page, redirect.html, on a Linux server that is presented
> after RSA authentication. I can edit this HTML page. I need to get
> the validated userName to a ColdFusion page on a different Linux
> server.
>
> The environment variable Remote_User contains the validated userName
> and is defined in that page, but I can't get to it with HTML or
> Javascript. (Can I?)

Nope. REMOTE_USER is only available to the server.

> So my idea was to redirect to a CGI script that could access
> $ENV{"REMOTE_USER"} and then use this variable to post to the
> ColdFusion page.
>
> Does this make sense? How can I do this? I apologize for my
> ignorance.

That's a long and painful way of doing things, but it can be done. You
essentially are doing a redirect to a redirect to the place you want to be.
With Perl, you could either use the LWP modules to grab the page you want to
display and then return that to the user (but watch things break if the
source uses relative paths) or you could just print a redirect header and
send the remote_user as a parameter (but it will be in the url).

Why can't you access the ColdFusion script directly, though? Or why not
write a cgi redirect and drop that in in place of the html page so you
bypass the extra redirect altogether?

It also doesn't sound like this ColdFusion page is very secure. If you're
only authenticating to the one server and sending the user to another server
with only a username your whole authentication scheme is pointless (i.e.,
log in here, but it doesn't really matter because I'm just redirecting
there, which isn't secure). Or, in other words, why log in at all if the
server you're actually going to just requires a username? Or is there
something I'm missing in this?

CLP.misc isn't really the place for this kind of discussion, though. If you
want help with authentication and redirect issues, you might try
comp.infosystems.www.authoring.cgi.

Matt
 
A. Sinan Unur

> It also doesn't sound like this ColdFusion page is very secure. If
> you're only authenticating to the one server and sending the user to
> another server with only a username your whole authentication scheme
> is pointless

I have seen that kind of error here a few times. The script that displays
the form is often Kerberized, but the script that processes the form
submission blindly trusts the user id that is submitted in a hidden field
of the form. End result: Instructional server down after spammers use the
form.

To the OP: Please do not use this method.

Sinan
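
Added example, not part of the thread or any poster's code: one way to hand the authenticated name to the second server without the "blindly trusted user id" problem described above is to sign it with an HMAC and a timestamp. It assumes a secret shared by both servers; the `user`/`ts`/`sig` parameter names, the `HANDOFF_SECRET` variable and the target URL are placeholders.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Assumptions, not from the thread: the secret is shared by both servers,
# and the user/ts/sig parameter names and target URL are placeholders.
my $SECRET  = $ENV{HANDOFF_SECRET} // 'constructed-demo-secret';
my $MAX_AGE = 60;                          # seconds a handoff stays valid
my $USER_RE = qr/\A[A-Za-z0-9_.-]{1,64}\z/;

# Sending side: the CGI behind the login signs user name and timestamp.
sub make_handoff_query {
    my ($user, $now) = @_;
    die "unexpected characters in user name\n" unless $user =~ $USER_RE;
    my $sig = hmac_sha256_hex("$user|$now", $SECRET);
    return "user=$user&ts=$now&sig=$sig";
}

# Receiving side: returns the user name only if the signature matches and
# the timestamp is fresh; returns undef otherwise.
sub verify_handoff {
    my ($user, $ts, $sig, $now) = @_;
    return undef unless defined $user && defined $ts && defined $sig;
    return undef unless $user =~ $USER_RE;
    return undef unless $ts =~ /\A[0-9]{1,12}\z/ && $sig =~ /\A[0-9a-f]{64}\z/;
    return undef if abs($now - $ts) > $MAX_AGE;
    my $expected = hmac_sha256_hex("$user|$ts", $SECRET);
    my $diff = 0;                          # compare without early exit
    $diff |= ord(substr($expected, $_, 1)) ^ ord(substr($sig, $_, 1)) for 0 .. 63;
    return $diff == 0 ? $user : undef;
}

# Demo with constructed values; under CGI the name comes from REMOTE_USER.
my $now   = time;
my $query = make_handoff_query($ENV{REMOTE_USER} // 'demo_user', $now);
print "Location: https://coldfusion.example/landing.cfm?$query\n\n";

my %p = map { split /=/, $_, 2 } split /&/, $query;
print "genuine:  ", verify_handoff(@p{qw(user ts sig)}, $now) // 'REJECTED', "\n";
print "stale:    ", verify_handoff(@p{qw(user ts sig)}, $now + 3600) // 'REJECTED', "\n";
$p{user} = 'admin';                        # user name changed in transit
print "tampered: ", verify_handoff(@p{qw(user ts sig)}, $now) // 'REJECTED', "\n";
```

A captured link can still be replayed until it expires, so keep the window short and serve both ends over HTTPS. The ColdFusion page would need to perform the same check as `verify_handoff`.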
 
Bart Van der Donck

> I apologize in advance for my ignorance. Please point me to the
> correct place if there is a better location for me to post my question
> to.
>
> I have an HTML page, redirect.html, on a Linux server that is presented
> after RSA authentication. I can edit this HTML page. I need to get
> the validated userName to a ColdFusion page on a different Linux
> server.
>
> The environment variable Remote_User contains the validated userName
> and is defined in that page, but I can't get to it with HTML or
> Javascript. (Can I?)

Not in 'pure' HTML, but you could use SSI (Server Side Includes):

<html>
<body>
<!--#echo var="REMOTE_USER" -->
</body>
</html>

AFAIK, most Linux servers support SSI by default (just don't forget the
.shtml extension for the file).
 
