Authorization of custom CGIs
Michael Sweet
mike at easysw.com
Wed Dec 20 19:02:22 PST 2006
Opher Shachar wrote:
> Hello all,
> I've written a custom CGI and marked it as a protected resource in cupsd.conf:
> <Location /ojobs.cgi>
> AuthType Basic
> Require user @SYSTEM
> # Allow remote administration...
> Order allow,deny
> Allow @LOCAL
> </Location>
>
> When accessing the CGI I'm asked to authenticate BUT then any (authenticated) user - not just root - gets access.
> Is it the CGI's responsibility to check for authorization?
> If so need the CGI parse the cupsd.conf file, or is there a simpler way?
CUPS should be doing the group checks for you - verify that your
users are not part of the system group(s). If they aren't, set the
LogLevel to debug2 and see which location is being used for
authentication (look for the cupsdFindBest log messages).
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw dot com
Internet Printing and Publishing Software http://www.easysw.com
More information about the cups
mailing list