[gPXE] Question about gPXE login command
Eric G. Wolfe
eric.wolfe at marshall.edu
Sat Jul 10 00:19:18 EDT 2010
I was looking at the proof-of-concept per-user menus, here:
http://etherboot.org/wiki/appnotes/authmenus and had a couple questions.
I assume the gPXE login command is implemented in C code, as opposed to
using external Apache basic auth modules, is that a correct assumption?
Could Apache auth module support be implemented?
The reason I ask is that I want to provide dynamic PXE menus, based on a
user's Active Directory LDAP group membership. So this is what I am
thinking. I can do mod_auth_kerb authentication with Apache, coupled
with an AD group membership checker which I have already implemented in
Perl
(http://webpages.marshall.edu/~wolfe21/perl/Net-LDAP-ADGroup-v0.2.tar.gz).
So, in the PHP example, there is an escaped
"\${username:uristring}:\${password:uristring}" in the first part of the
chaining process. Are these GET/POST variables set by the login command
C code, or is this a PHP thing? Could that behavior be replicated in
Perl, just as easily? I was thinking if I passed the username/password
URI to a mod_auth_kerb protected directory, it would pass through
without much effort on my part.
If I understand correctly the process would be something along the lines of:
A gPXE login cmd is first called which then chainloads to a user/pass
encoded URI -> this could get passed to a mod_auth_kerb protected
script, which then looks up AD group membership and generates a dynamic
pxelinux menu based on that group membership.
In other words, as I understand it, the first gPXE script cannot
generate a login UI for any given Apache Basic Auth module. Because
gPXE, uses its own C code to "draw" a login UI for authentication, is
that correct? I'm not that familiar with PHP to grasp whether
${password:uristring} that is a built-in PHP thing, a global variable,
or something that the gPXE login command exports for use by any
server-side scripting language.
--
Eric G. Wolfe
Senior Linux Administrator,
IT Infrastructure Systems
--------------------------------------
Marshall University Computing Services
Drinko Library 428-K
One John Marshall Dr.
Huntington, WV 25755
Reactor error - core dumped!
More information about the gPXE
mailing list