|
|
All AS/400 Tip Categories
/
Web
/
HTTP Protect Directives
Question:
Hi,
I'm testing to protect some document directories on a http-server.
When I start the server, I get to login window, but the server always
refuses access. I cannot find out where I misconfigured the server.
Can someone help me out?
I'm at V4R3 ptf level up to date until 9/24/99.
Following are the protect subdirectives.
I'm using the default HTTP user.
Has it to do with mismatching CCSIDs ? Are are there other things to define
or are there special gotcha's ?
Thanks in advance.
00010 Protection ANNEX
00020 AuthType Basic
00030 ServerId TESTAnnex
00040 PasswdFile QUSRSYS/ABVVVLDL
00050 Groupfile /home/abvvgrp.grp
00060 GetMask informatica, entreprise, secretariaat
00070 PostMask informatica, entreprise, secretariaat
00080 Mask all
00090 }
00100 Protect /home/annex/* ANNEX
Answer(s):
What is your PasswdFile directive? Try PasswdFile %%SYSTEM%%
This will use your AS/400 user ID to allow access. If you want access from a
validation list, put the validation list in the directive.
The QUSRSYS/ABVVVLDL is a validation list that you create with
users/passwords. It provides a way to give access to web users without
having to give them AS/400 profiles and passwords.
You have Protection and Protect directive. You also need a Pass, Exec,
Redirect directive to serve the data.
Thanks for the replies.
I indeed use a validation List (QUSRSYS/ABVVVLDL) , just to eliminate
the use of normal AS400 userprofiles.
So I would not use %%SYSTEM%% .
I do have a Pass /home/annex/* directive in my configuration
file. I can't see what Exec and/or Redirect I should have to add to access the
directory.
PS: What I didn't mention, but I can't see that should make any difference:
I use port 8030 for my tests, not 80 (which is actif also).
First of all... port number don't matter as they each have their own HTTP
configuration file.
A full example which I use is the following (must be before the Map/Pass
statements);
02110 Protection INTRANET {
02120 PasswdFile mylib/INTRANET
02130 ACLOverride Off
02140 Mask All
02150 DeleteMask All
02160 PostMask All
02170 PutMask All
02180 GetMask All
02190 AuthType Basic
02200 ServerID Intranet
02210 UserID %%SERVER%%
02220 }
02230 Protect /Intranet/* INTRANET
I must admit that I had some problems with the validation list API's for
which I wrote programs... but finally on V4R4 everything worked fine so I
didn't bother our V4R2 anymore.
Your config looks about the same as mine. (I posted an example with Groupfile, but did test with "Getmask all etc..." also).
Protect is defined before the map/pass/exec lines.
I didn't define ACLoverwrite off and Userid %%SERVER%%, but these are the
defaults. I will try tomorrow with the exact definition you sent.
You mention problems in V4R2.
Do you still recall what kind of problems it where?
Might be the same here (NLS-stuff ?) .
I had so many problems with HTTP and V4R2 (and lack of time to figure it all
out), but I gave up on it and migrated to V4R4. Maybe contact IBM support
in Brussels and refer to case 77964.
To my knowledge, it has nothing to do with NLS.
Other tips in this category:
Click here to see all categories.
Configuring the AS/400 as a Web Server
HTTP Protect Directives
A Simple Web Counter in RPG
How To Set Up Multiple WWW Domains
Is there a webcounter for the AS/400?
Net.Data trouble
AS/400 HTTP Server
|
