Authorization of custom CGIs

Opher Shachar ophers at ladpc.co.il
Wed Dec 20 14:35:06 PST 2006


Hello all,
  I've written a custom CGI and marked it as a protected resource in cupsd.conf:
<Location /ojobs.cgi>
  AuthType Basic
  Require user @SYSTEM
  # Allow remote administration...
  Order allow,deny
  Allow @LOCAL
</Location>

When accessing the CGI I'm asked to authenticate BUT then any (authenticated) user - not just root - gets access.
Is it the CGI's responsibility to check for authorization?
If so need the CGI parse the cupsd.conf file, or is there a simpler way?

Thanks,
Opher Shachar.




More information about the cups mailing list