Re: Environment Variables

["Peter Connell" <Peter.Connell@xxxxxxxxxxxxxxxxx>]

Wayne,

Presuming that your HTTP server is configured for Basic Authentication
(not some roll your own log in method) to apply to specific url
requests, then you can be assured that, once you have logged on to the
server, then the REMOTE_USER environment will most certainly be
populated. If you are not retrieving it then you must have an issue with
the mechanism you are using to retrieve it.  It's there for all to
retrieve.

You can prove this quite easily without writing any code.
Simply start the HTTP server with verbose logging, for example,
STRTCPSVR SERVER(*HTTP) HTTPSVR(YOURSVR '-vv')

Then issue a request from the browser that will challenge you to log on.
Then end the HTTP server.
Then do a work job YOURSVR to track down the spool files that were
generated by the -vv option.

Each of the YOURSVR jobs shown should have a spool file named
QZSRHTTPTR.
One of them will relate to the particular job that handled your log on
request.
Simply scan each spool file for the string REMOTE_USER and you will find
that one of them will return a hit. It will show the REMOTE_USER
environment and it's value along with the list of every other
environment variable in existence during the processing of the request.

Note - *IOSYSCFG authority is required to start the server with -=the
-vv option set.

Cheers, Peter

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Wayne McAlpine
Sent: Friday, 20 March 2009 14:23
To: web400@xxxxxxxxxxxx
Subject: Re: [WEB400] Environment Variables

I came up dry on REMOTE_USER as well.  It's got to be in there somewhere

because the log files show the user.

Haas, Matt (CL Tech Sv) wrote:
> REMOTE_USER will only be populated for resources that are protected
with basic authentication. There should not be a problem accessing it
from PHP as long as you remember to password protect the scripts. How
the passwords are physically stored has no impact on this being set or
not since the client sends the information as an HTTP header in the
request.
> Matt
>
> -----Original Message-----
> From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Nathan Andelin
> Sent: Thursday, March 19, 2009 7:57 AM
> To: Web Enabling the AS400 / iSeries
> Subject: Re: [WEB400] Environment Variables
>
>
> Under Apache, try REMOTE_USER, which should be valid for non-SSL and
SSL.  Of course, REMOTE_USER might also come up blank if the user is
accessing a resource that doesn't pass through an Apache login prompt.
> If you're trying to access REMOTE_USER from PHP, all bets are off.
Can validation list users be referenced from PHP?
> ----- Original Message ----
> From: Wayne McAlpine <wayne.mcalpine@xxxxxxxxxxxxxxxxx>
> To: web400@xxxxxxxxxxxx
> Sent: Thursday, March 19, 2009 4:51:53 AM
> Subject: [WEB400] Environment Variables
>
> I'm trying to retrieve the user name of a user who signed on to a web 
> page from a validation list but I can't find the right environment 
> variable that contains this information.  LOGON_USER sounded like a
good 
> candidate, but it comes up blank.  Can anyone steer me to the right
one 
> to retrieve?  BTW, this is an SSL connection.