bionic (3) ns_requestauthorize.3aolserver.gz

Provided by: aolserver4-dev_4.5.1-18.1_amd64 bug

NAME
       ns_requestauthorize - commands


SYNOPSIS
       ns_requestauthorize option ?arg arg ...?
_________________________________________________________________


DESCRIPTION
   ns_requestauthorize method URL authuser authpassword ?ipaddr?
       Ask  the server to check permissions using nsperm.  This function does the same permission check that the
       AOLserver does before serving a URL. If the nsperm module is loaded, the algorithm is as follows.

       1. If the authuser is "nsadmin", the password is correct, and the IP address of  the  client  is  allowed
          nsadmin access, then access is authorized.

       2. Find  the  relevant  permission  record.  If  an exact match for the method and URL combination is not
          found, the end of the URL is pared down until a match is found. For example, if there is no match  for
          `/products/cereals/raisin_bran.html,'  then  the  server  looks  for  a  permission record for the URL
          `/products/cereals.' If that permission record is specified as "Exact URL match is NOT required", then
          that permission record is used.

       By  default,  the  server  comes  with  a  row  that says GET on `/' is open to the world. If no relevant
       permission record is found, access is denied (forbidden).

       1. If the authuser is in the "Allow Users" list, access is permitted. If the authuser is a  member  of  a
          group in the "Allow Groups" list and not in the "Deny Users" list, access is permitted.

       2. If  the  host  is  in  the "Hosts to allow" list, access is permitted. If the host is in the "Hosts to
          deny" list, access is denied.

       3. If the request does not come in with authorization data, access is denied.

       4. The user and password are verified. If there is no password specified in the database, any password is
          accepted.

       5. Otherwise, access is denied.

   Return Values:
       The following values can be returned by ns_requestauthorize.

       OK         The user has permission to execute this URL and method.

       DENIED     The user does not have permission to execute this URL and method.

       FORBIDDEN  There is no possible user/password/IP Address combination that would give authorization.

       ERROR      There was an error.


SEE ALSO
       ns_passwordcheck, ns_crypt


KEYWORDS