[AOLSERVER] perms
How do I get Aolserver to recognize that a user has been manually updated in the passwd file on disk without restarting/HUPing the server? I have "Skiplocks" set to off in my config file (if its on and I try ns_passwdcheck it crashes the server hard without a log entry)... It would be really nice to be able to check this without having to build a proc to manually process the file each time a request is made and without the connectivity downtime caused by a server reload... Thanks -- Patrick Spence, Network Administrator Information System Dept. 2401 South 24th Street, Phoenix, AZ 85034 [EMAIL PROTECTED] - http://www.vitamist.com
Re: [AOLSERVER] perms
At 10:56 AM 8/8/01, you wrote: >How do I get Aolserver to recognize that a user has been manually updated in >the passwd file on disk without restarting/HUPing the server? I have >"Skiplocks" set to off in my config file (if its on and I try ns_passwdcheck >it crashes the server hard without a log entry)... > >It would be really nice to be able to check this without having to build a >proc to manually process the file each time a request is made and without >the connectivity downtime caused by a server reload... > >Thanks I think you will need to create a custom module to do this for you. There is no code I am aware of that reloads the files off disk. Short of checking on each request, you may consider: A) A scheduled proc that checks/reloads every five minutes B) A web interface to the passwd file that reloads the file after updating it C) A web page/url that shell scripts could use to get the file reloaded for them: in other words if you have a shell script that updates the passwd file for you, the shell script could do an http request on something like /passwd-reload to get a tcl script within aol server to reload the passwd file Jerry = Jerry Asher [EMAIL PROTECTED] 1678 Shattuck Avenue Suite 161Tel: (510) 549-2980 Berkeley, CA 94709Fax: (877) 311-8688
Re: [AOLSERVER] perms
- Original Message - From: "Jerry Asher" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 11:03 AM Subject: Re: [AOLSERVER] perms > I think you will need to create a custom module to do this for you. There > is no code I am aware of that reloads the files off disk. Short of > checking on each request, you may consider: > > A) A scheduled proc that checks/reloads every five minutes > B) A web interface to the passwd file that reloads the file after updating it > C) A web page/url that shell scripts could use to get the file reloaded > for them: > in other words if you have a shell script that updates the passwd file for > you, the shell script could do an http request on something like > /passwd-reload > to get a tcl script within aol server to reload the passwd file But no matter which I would have to write a module that reloads it on command? -- Patrick Spence, Network Administrator Information System Dept. 2401 South 24th Street, Phoenix, AZ 85034 [EMAIL PROTECTED] - http://www.vitamist.com
Re: [AOLSERVER] perms
I rolled my own in Tcl. It loads a file of usernames/passwords every 15 mins. It stores these in nsv arrays. Pretty simple, and fast enough. I have a request processor registered at preauth that checks a urlacls file that contains each ACL'd URL and causes a challenge to be issued based on the info in it. Why not use nsperms? Because it didn't fit my needs and was a bit too restrictive for me. I need to be able to check for a client SSL certificate first, then failover to username password. /s. > At 10:56 AM 8/8/01, you wrote: > >How do I get Aolserver to recognize that a user has been manually updated in > >the passwd file on disk without restarting/HUPing the server? I have > >"Skiplocks" set to off in my config file (if its on and I try ns_passwdcheck > >it crashes the server hard without a log entry)... > > > >It would be really nice to be able to check this without having to build a > >proc to manually process the file each time a request is made and without > >the connectivity downtime caused by a server reload... > > > >Thanks > > I think you will need to create a custom module to do this for you. There > is no code I am aware of that reloads the files off disk. Short of > checking on each request, you may consider: > > A) A scheduled proc that checks/reloads every five minutes > B) A web interface to the passwd file that reloads the file after updating it > C) A web page/url that shell scripts could use to get the file reloaded > for them: > in other words if you have a shell script that updates the passwd file for > you, the shell script could do an http request on something like > /passwd-reload > to get a tcl script within aol server to reload the passwd file > > > Jerry > = > Jerry Asher [EMAIL PROTECTED] > 1678 Shattuck Avenue Suite 161Tel: (510) 549-2980 > Berkeley, CA 94709Fax: (877) 311-8688 > > >
Re: [AOLSERVER] perms
- Original Message - From: "Scott Goodwin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 11:11 AM Subject: Re: [AOLSERVER] perms > I rolled my own in Tcl. It loads a file of usernames/passwords every 15 > mins. It stores these in nsv arrays. Pretty simple, and fast enough. I have > a request processor registered at preauth that checks a urlacls file that > contains each ACL'd URL and causes a challenge to be issued based on the > info in it. > > Why not use nsperms? Because it didn't fit my needs and was a bit too > restrictive for me. I need to be able to check for a client SSL certificate > first, then failover to username password. > It wouldn't be available for public consumption would it? [sheepish smile] -- Patrick Spence, Network Administrator Information System Dept. 2401 South 24th Street, Phoenix, AZ 85034 [EMAIL PROTECTED] - http://www.vitamist.com
Re: [AOLSERVER] perms
> >But no matter which I would have to write a module that reloads it on >command? Yes, but that should be pretty easy. They are loaded into the system at system startup by a tcl script, so I imagine all you need to do is cut and paste portions of that tcl script into your proc. Also, do consider Scott's comments and consider your actual requirements. I use nsperms for somethings and preauth filters for others. It's not always what people need, and it can be difficult to setup correctly. Jerry = Jerry Asher [EMAIL PROTECTED] 1678 Shattuck Avenue Suite 161Tel: (510) 549-2980 Berkeley, CA 94709Fax: (877) 311-8688
Re: [AOLSERVER] perms
- Original Message - From: "Scott Goodwin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 11:11 AM Subject: Re: [AOLSERVER] perms Ooooh, found the code in init.tcl that initializes the nsperm module... going to try it out
Re: [AOLSERVER] perms
- Original Message - From: "Jerry Asher" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 11:25 AM Subject: Re: [AOLSERVER] perms > > > >But no matter which I would have to write a module that reloads it on > >command? > > Yes, but that should be pretty easy. They are loaded into the system at > system startup by a tcl script, so I imagine all you need to do is cut and > paste portions of that tcl script into your proc. > > Also, do consider Scott's comments and consider your actual > requirements. I use nsperms for somethings and preauth filters for > others. It's not always what people need, and it can be difficult to setup > correctly. Yeah, my partner and I just worked up a different way of doing things.. I am going to use some of the code from the tcl script but load it into a postgres table instead... and handle authentication from the table instead of using ns_perm... -- Patrick Spence, Network Administrator Information System Dept. 2401 South 24th Street, Phoenix, AZ 85034 [EMAIL PROTECTED] - http://www.vitamist.com
Re: [AOLSERVER] perms
>Yeah, my partner and I just worked up a different way of doing things.. I am >going to use some of the code from the tcl script but load it into a >postgres table instead... and handle authentication from the table instead >of using ns_perm... When you get this working, could you post it? Thanks, Jerry = Jerry Asher [EMAIL PROTECTED] 1678 Shattuck Avenue Suite 161Tel: (510) 549-2980 Berkeley, CA 94709Fax: (877) 311-8688
Re: [AOLSERVER] perms
- Original Message - From: "Jerry Asher" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 12:57 PM Subject: Re: [AOLSERVER] perms > >Yeah, my partner and I just worked up a different way of doing things.. I am > >going to use some of the code from the tcl script but load it into a > >postgres table instead... and handle authentication from the table instead > >of using ns_perm... > > When you get this working, could you post it? > > Thanks, Certainly... what I am working on is as close to live updating as possible of users for a subscription based website.. we are using a third party to charge cards and generate the accounts for us, so I have to work around that difficulty.. but I think we are going to have as close to live as I am going to need.. and when I get it done I will be glad to post it... though I will likely be using Daniel Stasinskis database code that comes in his NS/Admin replacement code for some of it, so you will need that (www.scriptkitties.com) -- Patrick Spence, Network Administrator Information System Dept. 2401 South 24th Street, Phoenix, AZ 85034 [EMAIL PROTECTED] - http://www.vitamist.com
Re: [AOLSERVER] perms
> Certainly... what I am working on is as close to live > updating as possible of users for a subscription based > website.. we are using a third party to charge cards and > generate the accounts for us, so I have to work around that > difficulty.. I'm interested in the on-line billing options. Would you care to share who's doing the credit card charing and your experiences so far? I would appreciate any real-life info. Regards,
Re: [AOLSERVER] perms
I would also be very interested in reading about this process. Why not write an ASJ or other article on it? /s. > I'm interested in the on-line billing options. Would you care to share > who's doing the credit card charing and your experiences so far? I would > appreciate any real-life info. > > Regards, > >
Re: [AOLSERVER] perms
- Original Message - From: "Yon Derek" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, August 08, 2001 9:35 PM Subject: Re: [AOLSERVER] perms > > Certainly... what I am working on is as close to live > > updating as possible of users for a subscription based > > website.. we are using a third party to charge cards and > > generate the accounts for us, so I have to work around that > > difficulty.. > > I'm interested in the on-line billing options. Would you care to share > who's doing the credit card charing and your experiences so far? I would > appreciate any real-life info. I am in the process of signing up and getting their software installed on my server.. I am using ccBill (www.ccbill.com) I considered others, like ibill.com but ccBill came highly recommended, and some high volume subscription sites use them... Plus they are local to me, so I can drive over to their office and make a nuisance of myself if I wanted to.. :) Unfortunately they take 14.5% of the cut... but I don't have to write ecommerce software, nor do I have to make unsafe connections over the internet.. I could have used a merchant account and used url based connections to handle the charging.. but until someone writes something so I can make a ssl based outbound connection from my webserver I don't want to do that since everything is sent out in clear and I don't want to risk sniffers... After the process is finished and I get it all to work with AOLserver I will be glad to do a writeup over the trials and tribulations Though I will point out that when I first considered them I called them up and spoke with their installation department and specifically asked about AOLserver and got a "sure we can work with that, no problem" response.. and yesterday when I started the process their response to the dual passwd/group combo of ns_perm was "Uh, you use a group file, it won't work... your .htaccess is requireing your .htpasswd to work with .htgroup so it wont work. Kinda makes ya wonder doesn't it.. :) Patrick
Re: [AOLSERVER] perms
> I could have used a merchant account and used url based > connections to handle the charging.. but until someone writes something so > I can make a ssl based outbound connection from my webserver I don't want > to do that since everything is sent out in clear and I don't want to risk > sniffers... I guess you'd better set up your own merchant account then. I'm releasing nsopenssl 2.0 today, and it does outgoing SSL connections. Warm up your keyboard. /s.
Re: [AOLSERVER] perms
At 11:53 AM 8/9/2001 -0400, you wrote: As a matter of fact I have been waiting with baited breath for your release.. :) And so has Daniel Stasinski.. :) your efforts are definately appreciated... > > I could have used a merchant account and used url based > > connections to handle the charging.. but until someone writes something so > > I can make a ssl based outbound connection from my webserver I don't want > > to do that since everything is sent out in clear and I don't want to risk > > sniffers... > > >I guess you'd better set up your own merchant account then. I'm releasing >nsopenssl 2.0 today, and it does outgoing SSL connections. > >Warm up your keyboard. > >/s.
