Authenticate User Via CGI Script?

Heath

Currently running TS 6.5 SP1 on Solaris 9.

I've recently created a CGI script which allows a user to change their password by clicking on a link from within TS. I link to my password change script using the iw_cgi_wrapper.cgi script which then runs my password script as the user who is logged in. All of this works well.

I also have a requirement to check for several conditions upon login including such things as an expired password. I have changed the form action in the login.jsp file to point to another CGI script in which I perform all needed checks and then redirect to a number of different pages based on these checks. For instance, I may redirect to a page which notifies the user that his or her account has been locked or I may redirect the user into TS if everything looks good, to name a couple. In my CGI script I create a form to hold the form data created by the login.jsp page, this way when I redirect (post) to TS the authentication and everything works as expected and all is good.

My problem comes when I detect that a user must change his or her password before being allowed into TS. Here, once again I redirect the user to my change password CGI script (or a similar version if needed) where the user can change their password and then be redirected into TS. At this point I may need to send the user back to the TS login so that their new credentials can be encrypted by the login.jsp page, if so that's fine.

Unfortunately I'm not able to successfully change the users password because the user is not yet logged in. My change password script works perfectly when the user is logged in and the script is link to through the iw_cgi_wrapper.cgi script. But if the user isn't logged in then this script complains about the lack of the user's session. If I try to use my change password script without linking through the iw_cgi_wrapper.cgi script then the password script doesn't work correctly, even with changes to the way it's written it just won't work like that.

Does anyone know how I can authenticate users from my CGI script so that when I need to redirect them to the change password script I can do it through the iw_cgi_wrapper? I think the user would need to be authenticated and have a session created for this to work correctly.

I know this should be possible as I've done a lot of readings through the forums and have found a similar post in which this was done but unfortunately no code was posted so I don't know how to make this happen.

http://devnet.interwoven.com/forums_vb/showthread.php?t=7519&forumid=11&highlight=authentication+tool

Sorry for such a long post but I felt that I should try to fully explain my situation.

Thanks in advance,
Heath

reddyl

Does anyone know how I can authenticate users from my CGI script so that when I need to redirect them to the change password script I can do it through the iw_cgi_wrapper? I think the user would need to be authenticated and have a session created for this to work correctly. Thanks in advance, Heath

I am not sure if you can authenticate a user if the user password is already expired. You can check for "IWAUTH" cookie and redirect the user to the TeamSite login page and once the user is authenticated you can redirect the user to wrapped version of the cgi script to change password.

URL to redirect the user to the wrapped cgi script
http://ts-server/iw-cc/command/iw.base.show_done_page?full_redirect=true&done_page="http://ts-server/iw-bin/iw_cgi_wrapper.cgi/ts-password-change-script.ipl"