Provided by: aolserver4-dev_4.5.1-15_amd64 bug

NAME

       ns_requestauthorize - commands

SYNOPSIS

       ns_requestauthorize option ?arg arg ...?
_________________________________________________________________

DESCRIPTION

   ns_requestauthorize method URL authuser authpassword ?ipaddr?
       Ask  the server to check permissions using nsperm.  This function does the same permission
       check that the AOLserver does before serving a URL. If the nsperm module  is  loaded,  the
       algorithm is as follows.

       1. If the authuser is "nsadmin", the password is correct, and the IP address of the client
          is allowed nsadmin access, then access is authorized.

       2. Find the relevant permission  record.  If  an  exact  match  for  the  method  and  URL
          combination  is not found, the end of the URL is pared down until a match is found. For
          example, if there is no match for `/products/cereals/raisin_bran.html,' then the server
          looks  for  a  permission  record  for  the URL `/products/cereals.' If that permission
          record is specified as "Exact URL match is NOT required", then that  permission  record
          is used.

       By  default,  the server comes with a row that says GET on `/' is open to the world. If no
       relevant permission record is found, access is denied (forbidden).

       1. If the authuser is in the "Allow Users" list, access is permitted. If the authuser is a
          member  of  a group in the "Allow Groups" list and not in the "Deny Users" list, access
          is permitted.

       2. If the host is in the "Hosts to allow" list, access is permitted. If the host is in the
          "Hosts to deny" list, access is denied.

       3. If the request does not come in with authorization data, access is denied.

       4. The  user and password are verified. If there is no password specified in the database,
          any password is accepted.

       5. Otherwise, access is denied.

   Return Values:
       The following values can be returned by ns_requestauthorize.

       OK         The user has permission to execute this URL and method.

       DENIED     The user does not have permission to execute this URL and method.

       FORBIDDEN  There is no possible  user/password/IP  Address  combination  that  would  give
                  authorization.

       ERROR      There was an error.

SEE ALSO

       ns_passwordcheck, ns_crypt

KEYWORDS