WebGUI Utility Scripts. Graham Knop /

Similar documents
Writing Tests with Apache-Test Part II

Command Line WebGUI Graham Knop

mod_perl 2.0 Documentation

Test-Driven Apache Module Development

Accelerate Your Server. Delivering Web Content Faster with mod_perl 2

All Your URI are Belong to Us

1 Apache2::ServerUtil - Perl API for Apache server

1 Apache2::RequestUtil - Perl API for Apache

Configuration examples for the D-Link NetDefend Firewall series DFL-260/860

Splitting and Merging. Down and Dirty Made Easy

How browsers talk to servers. What does this do?

User authentication, passwords

1 Apache2::Response - Perl API for Apache HTTP request response methods

Mod_Perl. And why I don t care about your scorn. By Julian Brown cpanel Thursday Sept 14th, 2017

User Manual. Admin Report Kit for IIS 7 (ARKIIS)

System Administration for Beginners

Using.htaccess to Restrict OU Directory by Usernames and Passwords in an.htpasswd File

CentOS 6.7 with Vault MySQL 5.1

Getting started with Zabbix API

Mobile Login Extension User Manual

Exercises. Cacti Installation and Configuration

Exercises. Cacti Installation and Configuration

8.0 Help for Community Managers Release Notes System Requirements Administering Jive for Office... 6

1 Apache2::SizeLimit - Because size does matter.

Active Directory Integration. Documentation. v1.00. making your facilities work for you!

Security Guide. Configuration of Permissions

Andowson Chang

Cloud Help for Community Managers...3. Release Notes System Requirements Administering Jive for Office... 6

Hands-On Perl Scripting and CGI Programming

Privilege Separation

Authentication for Web Services. Ray Miller Systems Development and Support Computing Services, University of Oxford

Lecture Overview. IN5290 Ethical Hacking. Lecture 4: Web hacking 1, Client side bypass, Tampering data, Brute-forcing

Chromakinetics MIDIweb Ver 1.0

Managing NCS User Accounts

Managing WCS User Accounts

Black Box DCX3000 / DCX1000 Using the API

Part A Short Answer (50 marks)

HTTP Protocol and Server-Side Basics

TIBCO LiveView Web Getting Started Guide

CPW AutoGrader. CSCI 370 Field Session 2016 June 20, Client: Christopher Painter Wakefield

MANAGEMENT AND CONFIGURATION MANUAL

Initial Setup. Cisco APIC Documentation Roadmap. This chapter contains the following sections:

Copyright 2011 Sakun Sharma

Introduction. Welcom to The WebGUI API

Following the API System Utility Application Utility

Backing Up And Restoring Your Nagios XI System

EI 338: Computer Systems Engineering (Operating Systems & Computer Architecture)

NET 311 INFORMATION SECURITY

Security Guide. Configuration of Report and System Permissions

Factotum Sep. 24, 2007

JupyterHub Documentation

Webthority can provide single sign-on to web applications using one of the following authentication methods:

PHP for PL/SQL Developers. Lewis Cunningham JP Morgan Chase

Configuring the CSS for Device Management

Monitoring Apache Tomcat Servers With Nagios XI

Atea Anywhere Meeting Room

Kardia / Centrallix VM Appliance Quick Reference

Serverless Single Page Web Apps, Part Four. CSCI 5828: Foundations of Software Engineering Lecture 24 11/10/2016

Administering Jive Mobile Apps for ios and Android

Protect My Ministry Integrated Background Checks for Church Community Builder

Using RANCID. Contents. 1 Introduction Goals Notes Install rancid Add alias Configure rancid...

Users Guide. Kerio Technologies

Dreamweaver CS6. Table of Contents. Setting up a site in Dreamweaver! 2. Templates! 3. Using a Template! 3. Save the template! 4. Views!

Apache Install Instructions Win7 7 Php Mysql. Phpmyadmin Linux >>>CLICK HERE<<<

Working with Databases

Mobile Login extension User Manual

Schenker AB. Interface documentation Map integration

ReCPro TM User Manual Version 1.15

1 Apache2::Filter - Perl API for Apache 2.0 Filtering

ZeroVM Package Manager Documentation

Attacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14

Get in Touch Module 1 - Core PHP XHTML

Oracle Database. Installation and Configuration of Real Application Security Administration (RASADM) Prerequisites

Technical Background Information

Improve WordPress performance with caching and deferred execution of code. Danilo Ercoli Software Engineer

4D WebSTAR V User Guide for Mac OS. Copyright (C) D SA / 4D, Inc. All rights reserved.

QuickStart Guide for Managing Computers. Version 9.73

[Type text] RELEASE NOTES. Version 5.1.1

Agiloft Installation Guide

PNC Bank On-line BankCard Center - Use to access Penn State Purchasing Card statements on-line

Vendor: SUN. Exam Code: Exam Name: Sun Certified Web Component Developer for J2EE 5. Version: Demo

Webshop Plus! v Pablo Software Solutions DB Technosystems

PO Processor Installation and Configuration Guide

Subscriptions and Recurring Payments 2.X

Grandstream Networks, Inc. Captive Portal Authentication via Facebook

PURR The Persistent URL Resource Resolver

ACCESS CONTROL IN APACHE HTTPD 2.4

Application Security Introduction. Tara Gu IBM Product Security Incident Response Team

How to social login with Aruba controller. Bo Nielsen, CCIE #53075 (Sec) December 2016, V1.00

Booting a Galaxy Instance

Lock and Key: Dynamic Access Lists

20 THINGS YOU DIDN T KNOW ABOUT WEBGUI. By Tavis Parker

WA2056 Building HTML5 Based Mobile Web Sites. Classroom Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1

In this tutorial we are going to be taking a look at the CentovaCast 3 panel running ShoutCast 1 and how to get started with using it.

How to Configure Authentication and Access Control (AAA)

How To Configure Web Access To Subversion Repositories Using Apache

Persistence. SWE 432, Fall 2017 Design and Implementation of Software for the Web

Installing WordPress CMS

Magento Migration Tool. User Guide. Shopify to Magento. Bigcommerce to Magento. 3DCart to Magento

Introduction to SSO Access Policy

Transcription:

WebGUI Utility Scripts Graham Knop / graham@plainblack.com

What are Utility Scripts Maintenance functions Reporting Import / Export Anything else that uses WebGUI s data

Existing Scripts WebGUI ships with a number of scripts in WebGUI/sbin rebuildlineage.pl Verifies the site s Asset relationships Rebuilds the index of these relationships /data/webgui/sbin$ perl rebuildlineage.pl --configfile=www.mydomain.com.conf Starting...OK Looking for descendant replationships... Got the relationships. Looking for orphans... No orphans found. Rewriting existing lineage... Rebuilding lineage... Asset ID Old Lineage New Lineage PBasset000000000000001 old 000001 000001 PBasset000000000000002 old 000001000001 000001000001... tempspace0000000000000 old 000001000004 000001000004 Cleaning up...ok Don't forget to clear your cache.

search.pl Indexes new content for site or recreates the entire index Searches sites using the index /data/webgui/sbin$ perl search.pl --configfile=www.mysite.com.conf --search Features 4Yfz9hqBqM8OYMGuQK8oLw Get Features OhdaFLE7sXOzo_SIP2ZUgA Welcome Search took 0.002149 seconds. /data/webgui/sbin$ perl search.pl --configfile=www.mysite.com.conf --indexsite PBasset000000000000001 Root (0.074283) Vzv1pWpg_w6R_o-b0rM2qQ Ad (0.024502)... fk-hmsboa3uu0c1kykyspa The Latest News (0.003009) Site indexing took 4.908914 seconds.

generatecontent.pl Generates the HTML for an asset /data/webgui/sbin$ perl generatecontent.pl --configfile=www.mysite.com.conf --url=/home <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/ DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head>... </head>

thumbnailer.pl Create thumbnails for existing images Can regenerate all, or only missing /data/webgui/sbin$ perl thumbnailer.pl \ --path=/data/domains/www.mysite.com/public/uploads --missing Nailing: /data/domains/www.mysite.com/public/uploads/dr/wb/drwbmk_dyjjnj1nc5ev48w/newimage.png Nailing: /data/domains/www.mysite.com/public/uploads/ux/1c/ux1cfspjjwpix7k5q3dtqg/newimage.png

diskusage.pl Reports the disk usage of a specific asset and its children. /data/webgui/sbin$ perl diskusage.pl --configfile=www.mysite.com Starting with the Default Page... 294 /home 310 /getting_started... 2017 /home/key-benefits Total Space used: 2262342 bytes

userimport.pl Imports users from delimited text file /data/webgui/sbin$ sudo perl userimport.pl --configfile=www.mysite.com.conf \ --usersfile=userlist Starting up...ok Adding user graham Cleaning up...ok

fileimport.pl Import files to WebGUI s asset tree from the local file system /data/webgui/sbin$ sudo perl fileimport.pl --configfile=www.mysite.com.conf \ --pathtofiles=/data/import --parentassetid=pbasset000000000000002 Starting...OK End of the childs detection Building file list.found file newimage.png. Found file newpage.html. File list complete. Adding files... Adding /data/import/newimage.png to the database. Create the new asset. Setting filesystem privilege. Privileges set. Adding /data/import/newpage.html to the database. Create the new asset. Setting filesystem privilege. Privileges set. Finished adding. Committing version tag...done. Cleaning up...ok

Writing Utility Scripts

setting.pl Make a copy of sbin/_utility.skeleton /data/webgui/sbin$ cp _utility.skeleton setting.pl Find # Do your work here section Use any part of WebGUI s API to access or change the data There are other sections that mark simple edits to make

Finished code use lib "../lib"; use strict; use Getopt::Long; use WebGUI::Session; my $session = start(); for my $setting (@ARGV) { print $setting. -. $session->setting->get($setting). "\n"; # Do your work here finish($session); Output /data/webgui/sbin$ perl setting.pl --configfile=www.mysite.com.conf companyname companyname - My Company

Allow changing settings use lib "../lib"; use strict; use Getopt::Long; use WebGUI::Session; my $session = start(); for my $setting (@ARGV) { if ($setting =~ /^(\w+)=(.*)/) { my ($name, $value) = ($1, $2); print $name. " - old: ". $session->setting->get($name); $session->setting->set($name, $value); print " new: ". $session->setting->get($name). "\n"; else { print $setting. " - ". $session->setting->get($setting). "\n"; # Do your work here finish($session); Output /data/webgui/sbin$ perl setting.pl --configfile=www.mysite.com.conf companyname \ companyemail=graham@plainblack.com companyname - My Company companyemail - old: info@mycompany.com new: graham@plainblack.com

apacheauth.pl Serve static content or anything else apache handles Authorize access based on WebGUI groups Example: Control subversion access How? Write an authentication handler, so Apache recognizes WebGUI s users Write an authorization handler, to allow for deny access based on groups

BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

# Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

# Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

# Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

# Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

# Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

# Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

# Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

# Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

# Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

# Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

# Otherwise, note it for logs $r->note_basic_auth_failure; # We didn't succeed, so clean up and return the failure $session->var->end; return Apache2::Const::HTTP_UNAUTHORIZED;

sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if (!isin($method, @{$session->config->get("authmethods"))) { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if (!isin($method, @{$session->config->get("authmethods"))) { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if (!isin($method, @{$session->config->get("authmethods"))) { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if (!isin($method, @{$session->config->get("authmethods"))) { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

Configuration # Uses the same configuration as normal WebGUI PerlSetVar WebguiConfig dev.localhost.localdomain.conf # Load the file with the code in it PerlPostConfigRequire /data/webgui/sbin/apacheauth.pl # Register it to handle authentication PerlAuthenHandler Apache2::AuthWebGUI::authen <Location /> PerlSetVar WebguiAuthMode both # Allow session cookie or basic auth AuthType Basic # Setup for basic auth AuthName "WebGUI Data Area" Require valid-user # Require a valid login to get access </Location>

Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

# would be expensive to reinitialize session, so we use the data we saved earlier sub authz { my $r = shift; # Apache Request handle if ($r->pnotes('webguiauthgroupaccess')) { # Pull out data from auth phase return Apache2::Const::OK; return Apache2::Const::HTTP_UNAUTHORIZED;

Configuration # Uses the same configuration as normal WebGUI PerlSetVar WebguiConfig dev.localhost.localdomain.conf # Load the file with the code in it PerlPostConfigRequire /data/webgui/sbin/apacheauth.pl # Register it to handle authentication PerlAuthenHandler Apache2::AuthWebGUI::authen # Register it to handle authorization PerlAuthzHandler Apache2::AuthWebGUI::authz <Location /> PerlSetVar WebguiAuthMode both # Allow session cookie or basic auth PerlSetVar WebguiAuthRequireGroup 11 # Only allow access to secondary admins AuthType Basic # Setup for basic auth AuthName "WebGUI Data Area" Require valid-user # Require a valid login to get access </Location>

Utility Scripts Interact with WebGUI in an automated fashion Perform maintenance on a WebGUI site Interact with the local file system and OS Add new functionality using WebGUI s API

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback