Lighttpd

danielwlewis wrote:

I'm obviously missing something here...

I wrote the simple cgi program in C shown below to display the value of the environment variable, "REMOTE_USER", but after logging in with authentication on my website it still always displays "NULL". I have mod_cgi among my server modules and other cgi programs are working OK. Is there something more I need to do? E.g., is there something needed in mod_setenv to make this environment variable accessible?

[BTW: I CAN access REMOTE_USER using mod_ssi (server side include) and putting
#echo var="REMOTE_USER" into an .shtml page, but I don't want to expose the username in the returned html text of the .shtml page.]

Thanks!
Dan

[...]

A bit more information: I modified the test cgi program to output more of the standard environment variables and discovered that although some variables are reported as expected (e.g., REMOTE_ADDR) it reports AUTH_TYPE = NULL. That makes me think that perhaps it's because the folder containing the cgi program is not within the root directory of the website where it would be protected by authentication. However, moving it didn't seem to help. Here's my server configuration. Please let me know if you see something that needs to change.

server.modules += (
"mod_indexfile",
"mod_rewrite",
"mod_expire",
"mod_ssi",
"mod_deflate",
"mod_setenv",
"mod_alias",
"mod_cgi",
"mod_authn_file" 
)

#--- mod_indexfile ----------------------------------------------------------
index-file.names += ( "index.html", "index.shtml" )

#--- mod_rewrite ----------------------------------------------------------
url.rewrite-once += ( "^/[0-9A-Za-z]{6,6}/(.*)$" => "/WebGenealogy/$1" )

#--- mod_expire ----------------------------------------------------------
$HTTP["url"] == "index.html" { expire.mimetypes += ("text/" => "access plus 0 seconds") }
else $HTTP["url"] == "index.shtml" { expire.mimetypes += ("text/" => "access plus 1 hour") }
else {
expire.mimetypes += ("text/html" => "access plus 1 hour") 
expire.mimetypes += ("text/css" => "access plus 1 month")
expire.mimetypes += ("text/javascript" => "access plus 1 month")
expire.mimetypes += ("image/" => "access plus 1 month")
}

#--- mod_ssi ----------------------------------------------------------
ssi.extension     = ( ".shtml" )

#--- mod_deflate ----------------------------------------------------------
deflate.mimetypes = ("text/")
deflate.allowed-encodings = ( "gzip", "br", "deflate", "zstd" ) 
deflate.min-compress-size = 256
deflate.max-compress-size = 131072
deflate.cache-dir = "/Large2/Data/WebDocuments/WebCache" 

#--- mod_setenv ----------------------------------------------------------
setenv.add-response-header += ( "Cache-Control" => "must-revalidate")

#--- mod_alias ----------------------------------------------------------
alias.url += ( "/cgi-bin" => "/Large2/Data/WebDocuments/cgi-bin" )

#--- mod_cgi ----------------------------------------------------------
$HTTP["url"] =~ "^/cgi-bin" {  cgi.assign = ( "" => "" ) }

#--- mod_authn_file ----------------------------------------------------------
auth.backend = "htpasswd" 
$HTTP["url"] =~ "^/WebGenealogy/" {
  auth.backend.htpasswd.userfile = "/Large2/Data/WebDocuments/WebGenealogy/authuser.txt" 
  auth.require = ("/WebGenealogy" => (
"method"  => "basic",
"realm"   => "Genealogy",
"require" => "valid-user" 
  ))
}

# There's more, but it's for other websites and thus not relevant.

lighttpd mod_cgi works fine with auth.

#!/bin/sh
echo -e "Status: 200\n\n$REMOTE_USER" 

I have not read through your most recent post, but it is likely that you are not authenticating when accessing the CGI.

See DebugVariables. You might want to log the request headers to see if Authorization is being sent by the client.

You have configured auth only for paths under /WebGenealogy.
/cgi-bin/ is not under /WebGenealogy

Thanks! That's what I suspected, based on my last post but it's nice to have someone confirm it! :-)

'Looks like I have a little more configuration work to do ....

Dan