CGI and REMOTE_USER

Markus Stumpf (stumpf@informatik.tu-muenchen.de)
Tue, 18 Jan 1994 22:34:22 +0100


Hello!

I have hacked rfc931 identification into the NCSA httpd-1.0 code.
No big deal :) I've used the rfc931.c from tcp-wrappers package and added
one line to httpd.c.

For those unfamiliar with rfc931: this makes a connection back to
the client host and tries to contact an indent daemon which provides
the username of the user owning the client socket.
We want to use this feature to gain more information on (mostly local)
users using scripts (for sending mail to webmaster, etc.).

I'd like to provide this information within the CGI scripts, but it looks
like REMOTE_USER is the wrong variable. To be true, I think REMOTE_USER
would be the correct one but the current name for what it is used for
is misleading and should be changed to AUTH_USER :)
As like I read the spec the real user on the client side and the user
that should be authenticated mustn't necessarily be the same, right?

Any ideas, comment?

\Maex

-- 
______________________________________________________________________________
 Markus Stumpf                        Markus.Stumpf@Informatik.TU-Muenchen.DE 
                                http://www.informatik.tu-muenchen.de/~stumpf/