I have developed a passenger app. This app has called an internal function. For security reasons, we have changed the internal function to prompt for password. Is it possible to show a message box from a passenger app so that the user can enter password?
Didn’t they have to login through your apache? I mean apache already provides authentication.
If you want to limit the users who can use the app, just chmod and chown the files in the directory /var/www/ood/apps/sys/<my app>. If you chmod 750 then chown -R root:staff only users in the staff unix group will be able to use the app after they’ve already authenticated through apache.
The same script will be used in a web application, in which no authentication is required. Thus, there is an authentication step.
When I used this script through Open Ondemand passenger app, this generates an extra step to re-authenticate the user. Does Open Ondemand cache the password in an environmental variable? If so, I can use the variable to call the script. Otherwise, Is it possible to show a message box from a passenger app so that the user can enter password again?
Everything under /pun will need authentication. So your users will need to authenticate to even see the application.
That said - OnDemand doesn’t deal with authentication and in-fact we strip out those Headers before the request makes it to the Passenger application. So no, OnDemand doesn’t have access to your password at any time.
Sounds like your web application needs to provide a form on some page so that your users can fill out to re-enter their password. When users submit the form, your web application can extract the information from the parameters it’s being passed.
This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.