[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Passwords, Protected Realms, and Automatic Generation

> Wow, I love the software -- Pi3 is perfect for my use.
Thank you, what is your use?
> I wonder, when I want to change or add passwords for users in protected
> realms, is it possible to make these changes without automatically
> regenerating a Config.pi3 file? This may be a dumb question and it is
Last time I looked base64 encoded usernames and passwords were listed
in the Config.pi3 file whether you generate this file using the admin GUI
or automatically generate it yourself to manage large user accounts.

You can split Config.pi3 into smaller files and include them in the main
file using the 'include' syntax that you'll see in this file - this
might be a little bit more like what you're looking for. 

The basic authentication stuff is really easy and if you're inclined
to write a like C code you can pretty easily modify it yourself. 

Having said that, a more sophisticated scheme is probably on the books 
becuase a number of people have noted that the current mechanism is a 
little too simple for some uses. 

It would be good to be able to administer usernames and passwords without
having to restart the server to have these changes take effect - on 
the other hand I don't agree with the apache model where a password file
is opened, read, parsed and closed for every single request to a 
protected realm - the worst case scenario looks real bleak with this solution.
Ultimately I'd want something where the password file is read, parsed
and only re-loaded when its last modified date changes. This is model
I'd like to see for many components of the server operations including
the entire configuration of virtual hosts, but I digress....

The only other thing to note on the password protection issue is that
more sophisticated solutions require a little more work, when I release
pi3perl I hope to include an example of providing basic authentication
from a database via ODBC (mSQL on UNIX) this is an approach that could
scale to many millions of users - reading password files would just
not work on this scale.

> certainly obvious that I know very little about this (any of the Pi3 web
> software). Also, if you want to waste the time, a little help on CGI
Hey the only way is up, right? :> - I wouldn't call it wasting time,
but I'd probably not explain these things well and there are very many great
resources available on the web. CGI (along with nph and redirects) are
part of the HTTP protocol so you should be able to find lots of scripts
and play with them, I think somebody mentioned

	www.cgi-resources.com (???)

as one such site. Get lots of perl scripts and play with them..
> scripts (like redirect) might be helpful. I know there is well
> cross-referenced help in the pidocs folder, but it's still just a bit
> over me.
A failing of the documentation is that it assumes a working knowledge
of CGI and so some extent HTTP protocol - but as I say the good news
is that there must be thousands of resources available elsewhere with 
this information.

Hope this helps,
> -N.