MQX Software Solutions中的主题 Re: HTTP Server Authentication

HTTP Server Authentication

Joe2 — Thu, 04 Nov 2010 18:37:52 GMT

Hi Guys

I can't see any basic or digest authentication in the RTCS HTTP server. Have I missed something obvious, or have these features been taken out and are something I need to approach Embedded Access for?

I need to put in some kind of fairly simple password-based security... just wondering what everyone thought the best course of action would be.

Cheers!

Joe

Re: HTTP Server Authentication

JonSmith — Thu, 29 Oct 2020 09:06:00 GMT

I solved this issue by follow steps:

1. In file ../Freescale MQX 3.5/rtcs/source/httpd/httpd.c

go to function

static void httpd_processreq(HTTPD_STRUCT *server, HTTPD_SESSION_STRUCT *session)

find a line

int cgi = 0, res = 0, auth = 0;    // authorization required flag

and change it to

int cgi = 0, res = 0, auth = 1;    // authorization required flag

In same file find a function

void httpd_ses_init(HTTPD_STRUCT *server, HTTPD_SESSION_STRUCT *session, const int sock)

and insert line

HTTPD_MEMZERO(session->request.auth, server->params->max_auth);

before

#if HTTPDCFG_POLL_MODE        session->line_used = 0;#endif

2. Add to my project authentification callback function like this:

int _http_auth_internal (HTTPD_SESSION_STRUCT* session){  // check user login  if (strncmp(session->request.auth, your_login, YOUR_LOGIN_SIZE) != 0)    return 1;  // check user password  if (strncmp(session->request.authPasswd, your_pass, YOUR_PASSWORD_SIZE) != 0)    return 1;  // all good  return 0;}

And attach this callback with

HTTPD_SET_PARAM_AUTH_FN(server, _http_auth_internal);

That's all. Work fine in my project on MQX version 3.5.

Re: HTTP Server Authentication

JonSmith — Thu, 04 Nov 2010 23:15:48 GMT

And of course recompile RTCS after changes from my previous post.

Regards!

Re: HTTP Server Authentication

Joe2 — Fri, 05 Nov 2010 17:29:49 GMT

Hi JonSmith

That's brilliant, thanks! I think that's just saved me a day's coding.

Virtual bottle of wine coming through now...

Joe

Re: HTTP Server Authentication logout???

r_letourneur — Mon, 05 Sep 2011 14:49:04 GMT

Hi, This Authentification code is working fine! So now I would like to know what is the best way to logout the server???

I would like to recall the Authentification windows in the browser if the user try to click on a link after to logout.
Regis.

Re: HTTP Server Authentication

r_letourneur — Tue, 06 Sep 2011 21:31:02 GMT

2011-09-05 08:49 AM

Hi, This Authentification code is working fine! So now I would like to know what is the best way to logout the server???

I would like to recall the Authentification windows in the browser if the user try to click on a link after to logout.
Regis.

Re: HTTP Server Authentication

cartelectronic — Thu, 29 Oct 2020 09:06:02 GMT

Hello,

I am new on MQX and RTCS and I would like to use the Authentification code, but i don't understand or and how integrate him into my code !

I change and recompile RTCS as JonSmith describes it, but I am stopped by:

2. Add to my project authentification callback function like this:

int _http_auth_internal (HTTPD_SESSION_STRUCT* session){  // check user login  if (strncmp(session->request.auth, your_login, YOUR_LOGIN_SIZE) != 0)    return 1;  // check user password  if (strncmp(session->request.authPasswd, your_pass, YOUR_PASSWORD_SIZE) != 0)    return 1;  // all good  return 0;}

And attach this callback with

HTTPD_SET_PARAM_AUTH_FN(server, _http_auth_internal);

Have you an example or more information ?

Beforehand thank you !

PS sorry for my very bad English

Re: HTTP Server Authentication

cartelectronic — Thu, 29 Oct 2020 09:06:04 GMT

Hello,

I found why it did not work, i use MQX 3.8 !

change:

int _http_auth_internal (HTTPD_SESSION_STRUCT* session)

int32 _http_auth_internal (HTTPD_SESSION_STRUCT* session)

and i work fine on MQX 3.8

Regards

Re: HTTP Server Authentication

massimoballerin — Mon, 25 Mar 2013 14:30:36 GMT

Hello!!!

It is my first work on Freescale platform!! I have tried your suggest and it works fine!!!! But... I want something different... :smileyconfused: Is it possible to have the authorization form (pop-up with user and password) showed only when the user goes in a particular page html?

Have you got any idea for implement this feature?

Thank you very much!!!!

Re: HTTP Server Authentication

massimoballerin — Mon, 25 Mar 2013 16:22:57 GMT

Solved! It was easier than I thought...
I examine the request and, if it is the protected page, active authorization flag.

if(strcmp(" request ",session->request.path) == 0)

{

auth=1;

}

:smileywink: