Procedure Information for wsAuth.tcl:

  1. createAuthDb
  2. verify
  3. checkAuth
  4. checkIssuer
  5. parseDN
  6. getUserData
  7. getEnvDN
  8. authTrans
  9. getHosts
  10. isAdmin


    Procedure: createAuthDb

    Procedure to parse and store database related to user authentication and access authorization


    Procedure Data

    • Name: createAuthDb
    • Parent Namespace: webSubmit::auth
    • Arglist:
    • Return: Status


    Argument definitions:



    Procedure: verify

    Procedure to grant or deny access to WebSubmit CGI scripts


    Procedure Data

    • Name: verify
    • Parent Namespace: webSubmit::auth
    • Arglist:
    • Return: Access granted = 1, Access denied = Bomb


    Argument definitions:



    Procedure: checkAuth

    Procedure to verify a user's permission to access WebSubmit


    Procedure Data

    • Name: checkAuth
    • Parent Namespace: webSubmit::auth
    • Arglist:
    • Return: 0 (Verified) or Error


    Argument definitions:



    Procedure: checkIssuer

    Procedure to verify that the certificate issuer matches one of those accepted by WebSubmit


    Procedure Data

    • Name: checkIssuer
    • Parent Namespace: webSubmit::auth
    • Arglist:
    • Return: 0 (Verified) or Error


    Argument definitions:



    Procedure: parseDN

    Procedure to parse a DN string and break it into a more useful format


    Procedure Data

    • Name: parseDN
    • Parent Namespace: webSubmit::auth
    • Arglist: dnString dnArrName
    • Return: None


    Argument definitions:

    • dnString : DN string
    • dnArrName : Name of array containing DN data in calling scope


    Procedure: getUserData

    Procedure to extract wsID and userName from client distinguished name data (stored in clientDN)


    Procedure Data

    • Name: getUserData
    • Parent Namespace: webSubmit::auth
    • Arglist:
    • Return: Parsed User Distinguished Name (DN) data or Error


    Argument definitions:



    Procedure: getEnvDN

    Procedure to retrieve a distinguished name from the CGI environment and break it into its components


    Procedure Data

    • Name: getEnvDN
    • Parent Namespace: webSubmit::auth
    • Arglist: dnEnvName dnArrName
    • Return: None


    Argument definitions:

    • dnEnvName : Name of environment variable in which DN resides
    • dnArrName : Array to contain DN data


    Procedure: authTrans

    Procedure to translate a valid websubmit user ID into a login on a specified remote hostname


    Procedure Data

    • Name: authTrans
    • Parent Namespace: webSubmit::auth
    • Arglist: hostName
    • Return: Login name for current websubmit user on hostName OR Error


    Argument definitions:

    • hostName : The name of the remote host


    Procedure: getHosts

    Procedure to return list of WebSubmit target hosts


    Procedure Data

    • Name: getHosts
    • Parent Namespace: webSubmit::auth
    • Arglist:
    • Return: List of WS hosts in auth.db


    Argument definitions:



    Procedure: isAdmin

    Procedure to determine if a user has a valid administrator wsID


    Procedure Data

    • Name: isAdmin
    • Parent Namespace: webSubmit::auth
    • Arglist:
    • Return: 1 = admin user, 0 = regular user


    Argument definitions: