Re: Passwords, Protected Realms, and Automatic Generation

["Artie Romero Graphics" <arg@cos.wantweb.net>]

Would somebody please tell me how to get off this list?  I think somebody signed
me on as a prank.

John P Roy wrote:

> >
> > Wow, I love the software -- Pi3 is perfect for my use.
> ^^
> Thank you, what is your use?
> >
> > I wonder, when I want to change or add passwords for users in protected
> > realms, is it possible to make these changes without automatically
> > regenerating a Config.pi3 file? This may be a dumb question and it is
> ^^^
> Last time I looked base64 encoded usernames and passwords were listed
> in the Config.pi3 file whether you generate this file using the admin GUI
> or automatically generate it yourself to manage large user accounts.
>
> You can split Config.pi3 into smaller files and include them in the main
> file using the 'include' syntax that you'll see in this file - this
> might be a little bit more like what you're looking for.
>
> The basic authentication stuff is really easy and if you're inclined
> to write a like C code you can pretty easily modify it yourself.
>
> Having said that, a more sophisticated scheme is probably on the books
> becuase a number of people have noted that the current mechanism is a
> little too simple for some uses.
>
> It would be good to be able to administer usernames and passwords without
> having to restart the server to have these changes take effect - on
> the other hand I don't agree with the apache model where a password file
> is opened, read, parsed and closed for every single request to a
> protected realm - the worst case scenario looks real bleak with this solution.
> Ultimately I'd want something where the password file is read, parsed
> and only re-loaded when its last modified date changes. This is model
> I'd like to see for many components of the server operations including
> the entire configuration of virtual hosts, but I digress....
>
> The only other thing to note on the password protection issue is that
> more sophisticated solutions require a little more work, when I release
> pi3perl I hope to include an example of providing basic authentication
> from a database via ODBC (mSQL on UNIX) this is an approach that could
> scale to many millions of users - reading password files would just
> not work on this scale.
>
> > certainly obvious that I know very little about this (any of the Pi3 web
> > software). Also, if you want to waste the time, a little help on CGI
> ^^^
> Hey the only way is up, right? :> - I wouldn't call it wasting time,
> but I'd probably not explain these things well and there are very many great
> resources available on the web. CGI (along with nph and redirects) are
> part of the HTTP protocol so you should be able to find lots of scripts
> and play with them, I think somebody mentioned
>
>         www.cgi-resources.com (???)
>
> as one such site. Get lots of perl scripts and play with them..
>
> > scripts (like redirect) might be helpful. I know there is well
> > cross-referenced help in the pidocs folder, but it's still just a bit
> > over me.
> ^^^
> A failing of the documentation is that it assumes a working knowledge
> of CGI and so some extent HTTP protocol - but as I say the good news
> is that there must be thousands of resources available elsewhere with
> this information.
>
> Hope this helps,
> John
> >
> > -N.

--Artie Romero
    Artie Romero Graphics   719-574-5955
    ARG Cartoon Animation   http://www.artie.com
    CityStar Online         http://www.citystar.com