diff options
| author | goodale <goodale@1faa4e14-9dd3-4be0-9f0e-ffe519881164> | 2000-09-20 09:50:50 +0000 |
|---|---|---|
| committer | goodale <goodale@1faa4e14-9dd3-4be0-9f0e-ffe519881164> | 2000-09-20 09:50:50 +0000 |
| commit | 867f3c6e4f757fb2f18558d9c8c2e80f5d339bc3 (patch) | |
| tree | a8be101d3e1fcb04bfa2f176f9f4978d1929fe08 /src/Content.c | |
| parent | cb5cd7fc95e10d23c625798c1d5f627dcf8e8716 (diff) | |
Make sure the user is authorised to control the simulation, not just to
get to the control page 8-)
Tom
git-svn-id: http://svn.cactuscode.org/arrangements/CactusConnect/HTTPD/trunk@59 1faa4e14-9dd3-4be0-9f0e-ffe519881164
Diffstat (limited to 'src/Content.c')
| -rw-r--r-- | src/Content.c | 73 |
1 files changed, 50 insertions, 23 deletions
diff --git a/src/Content.c b/src/Content.c index 0a92ee6..6f7ffb7 100644 --- a/src/Content.c +++ b/src/Content.c @@ -1170,38 +1170,65 @@ static int ControlSet(cGH *cctkGH, httpRequest *request) char message[4098]; const char *runstate; - runstate = HTTP_ArgumentValue(request,"runstate"); + int notauthorised; + char thisuser[USER_LENGTH+1]; - switch(*runstate) + notauthorised = HTTP_AuthenticateBasic(request, "user", thisuser, USER_LENGTH); + + if(!notauthorised) { - case 'T' : HTTP_SteerQueue(CCTK_THORNSTRING, "terminate", "yes"); - ControlTerminationPage(cctkGH, request); - break; - case 'P' : HTTP_SteerQueue(CCTK_THORNSTRING, "pause", "yes"); - break; - case 'R' : HTTP_SteerQueue(CCTK_THORNSTRING, "pause", "no"); - break; - default : - fprintf(stderr, "Unknown runstate '%s'\n", runstate); - } + runstate = HTTP_ArgumentValue(request,"runstate"); + + switch(*runstate) + { + case 'T' : HTTP_SteerQueue(CCTK_THORNSTRING, "terminate", "yes"); + ControlTerminationPage(cctkGH, request); + break; + case 'P' : HTTP_SteerQueue(CCTK_THORNSTRING, "pause", "yes"); + break; + case 'R' : HTTP_SteerQueue(CCTK_THORNSTRING, "pause", "no"); + break; + default : + fprintf(stderr, "Unknown runstate '%s'\n", runstate); + } - /* Now redirect the browser to the normal page */ - /* Status message */ - if(request->http_major_version < 1 || - (request->http_major_version == 1 && request->http_minor_version < 1)) - { - /* Older browsers don't understand 303 */ - strcpy(message,"HTTP/1.0 302 Found\r\n"); + /* Now redirect the browser to the normal page */ + /* Status message */ + if(request->http_major_version < 1 || + (request->http_major_version == 1 && request->http_minor_version < 1)) + { + /* Older browsers don't understand 303 */ + strcpy(message,"HTTP/1.0 302 Found\r\n"); + } + else + { + strcpy(message,"HTTP/1.0 303 See Other\r\n"); + } + + sprintf(message, "%sLocation: /control.html/\r\n\r\n", message); + + HTTP_Write(request, message, strlen(message)); } else { - strcpy(message,"HTTP/1.0 303 See Other\r\n"); - } + /* Not authorised */ + strcpy(message,"HTTP/1.0 401 Unauthorized\r\n"); - sprintf(message, "%sLocation: /control.html/\r\n\r\n", message); + HTTP_Write(request, message, strlen(message)); + + strcpy(message,"WWW-Authenticate: Basic realm=\"Cactus Control\"\r\n"); - HTTP_Write(request, message, strlen(message)); + HTTP_Write(request, message, strlen(message)); + + HTTP_CookieCancel(request,"user", "/"); + + strcpy(message,"Content-Type: text/html\r\n\r\n"); + + HTTP_Write(request, message, strlen(message)); + HTTP_Write(request, notauthorized_page, strlen(notauthorized_page)); + } + return 0; } |