Gossamer Forum
(Advanced Search)
for
Home : General : Perl Programming :

Restricting Access/IP Addresses Via Perl on NT

May 19, 1999, 6:40 PM
Eliot
Deleted
May 19, 1999, 6:40 PM
Post #1 of 11
Views: 6378
Shortcut
Quote Reply
Restricting Access/IP Addresses Via Perl on NT
Hi there. I know that this may seem like a strange request. I do know that on NT you can restrict directory access via Directory Security option in the Properties function in MMS. However, I was wondering if there is a way within perl scripts to restrict access to information within a database.

See, we are using DBMAN for our Job Hot-Line at our College. We would like to a way to post internal postings that can only be accessed by users in the College. In addition, we are using DBMAN for our Employee Directory and would like to post detailed records to only College employees and students who access our web site via
computers in our network.

Yes, I could put all this data into a separate database and place it in our Intranet site. However, I would like to have it streamlined for the Data Managers who input data into the databases, rather than having them fill out separate forms for the Internet and then for the Intranet.

Any ideas???

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us
May 19, 1999, 11:45 PM
dahamsta
User (429 posts)
May 19, 1999, 11:45 PM
Post #2 of 11
Views: 6171
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Hi Eliot,

I would suggest a small subroutine at the top of db.cgi that checks the IP or remote host and matches it with an array of the college's IP or remote host addresses. If they match, let them through to the rest of the script, if they don't, send them an access denied screen.

You could probably build it into auth.pl too, but I've never gone near that section of the script so I couldn't help ya there.

Something like this should do the trick:

Code:
@hosts = ('pr1.college.com','pr3.college.com','etc.college.com');
local($flag) = 0;

if ($ENV{'REMOTE_HOST'}) {
foreach $host (@hosts) {
if ($host eq $ENV{'REMOTE_HOST'}) {
$flag = 1;
last;
}
}
}
if ($flag != 1) {
&cgierror("Sorry, you're not authorized to use this script.")
}

This isn't tested, it's just a sample of what *could* be used. For instance, you might want to send the error to a nicer error page. Hope it gets you started anyway...

adam

[This message has been edited by dahamsta (edited May 20, 1999).]
May 20, 1999, 4:25 AM
Eliot
Deleted
May 20, 1999, 4:25 AM
Post #3 of 11
Views: 6199
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Thanks, dahamsta. I appreciate it. That is certainly a good starting point. However, I do want most of the databases to be "public" in the sense that that anyone can access most of the job postings. Just those records that are for internal job postings would have to be blocked.

Hmm...But I think you have provided a good starting point.

Thanks.

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us
May 20, 1999, 5:14 AM
dahamsta
User (429 posts)
May 20, 1999, 5:14 AM
Post #4 of 11
Views: 6190
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Ahhh! I see said the blind man...

I'll have a little think about that one. Smile

adam
May 20, 1999, 5:25 AM
Eliot
Deleted
May 20, 1999, 5:25 AM
Post #5 of 11
Views: 6177
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
I wonder if there is a way to add something like:

if ($data[3] eq "Internal") {
print "$internal_view"
}

with the codes you have provided. There should be a way to first checks the IP Address of the REMOTE HOST before printing the internal record. I see that the db.cgi file needs to be edited and new codes inserted into the html.pl file.

I apologize that I have posted this issue in this forum, but I feel that it may have application in other scripts that people may be using.

Please continue to brainstorm on this topic. I appreciate your help.

Thanks.



------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us
May 20, 1999, 5:42 AM
dahamsta
User (429 posts)
May 20, 1999, 5:42 AM
Post #6 of 11
Views: 6234
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Hi Eliot,

If I might make a suggestion, I think you're route for now should be to see if you can get the remote_host restriction working. If you don't want to affect the main jobs database, just copy everything over to another executable dir and start tinkering with it.

Usually it's best to take these things one step at a time.

adam
May 20, 1999, 5:49 AM
dahamsta
User (429 posts)
May 20, 1999, 5:49 AM
Post #7 of 11
Views: 6195
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Sorry, off thread but...

What does LLC stand for? Is it Limited Liability Company or something? I see it all over the shop and my curiousity has been piqued... Smile

adam
May 20, 1999, 5:55 AM
Eliot
Deleted
May 20, 1999, 5:55 AM
Post #8 of 11
Views: 6260
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Yes, it means Limited Liability Corporation.
It is a lot easier to establish than a "Incorporated Company" or 5013(c) -(Non For Profit Organization). L.L.C provides similar liability benefits as INC and it is beneficial for smaller companies.

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us
May 20, 1999, 6:04 AM
dahamsta
User (429 posts)
May 20, 1999, 6:04 AM
Post #9 of 11
Views: 6172
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Thanks Eliot,

We just have plain ol' Ltd. over here!

adam
May 20, 1999, 6:40 AM
Eliot
Deleted
May 20, 1999, 6:40 AM
Post #10 of 11
Views: 6198
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
No problem...I will be working on this issue in the next few days and will post my findings.

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us
Jun 1, 1999, 10:07 AM
Eliot
Deleted
Jun 1, 1999, 10:07 AM
Post #11 of 11
Views: 6179
Shortcut
Quote Reply
Re: Restricting Access/IP Addresses Via Perl on NT In reply to
Well, dahamsta...it didn't work. I will try some other codes that I've picked up and try it again. Thanks for your input though.

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us