[gPXE] Question about gPXE login command

Eric G. Wolfe eric.wolfe at marshall.edu
Sat Jul 10 00:19:18 EDT 2010


I was looking at the proof-of-concept per-user menus, here: 
http://etherboot.org/wiki/appnotes/authmenus and had a couple questions.

I assume the gPXE login command is implemented in C code, as opposed to 
using external Apache basic auth modules, is that a correct assumption?  
Could Apache auth module support be implemented?

The reason I ask is that I want to provide dynamic PXE menus, based on a 
user's Active Directory LDAP group membership.  So this is what I am 
thinking.  I can do mod_auth_kerb authentication with Apache, coupled 
with an AD group membership checker which I have already implemented in 
Perl 
(http://webpages.marshall.edu/~wolfe21/perl/Net-LDAP-ADGroup-v0.2.tar.gz).

So, in the PHP example, there is  an escaped 
"\${username:uristring}:\${password:uristring}" in the first part of the 
chaining process.  Are these GET/POST variables set by the login command 
C code, or is this a PHP thing?  Could that behavior be replicated in 
Perl, just as easily?  I was thinking if I passed the username/password 
URI to a mod_auth_kerb protected directory, it would pass through 
without much effort on my part.

If I understand correctly the process would be something along the lines of:
A gPXE login cmd is first called which then chainloads to a user/pass 
encoded URI -> this could get passed to a mod_auth_kerb protected 
script, which then looks up AD group membership and generates a dynamic 
pxelinux menu based on that group membership.

In other words, as I understand it, the first gPXE script cannot 
generate a login UI for any given Apache Basic Auth module.  Because 
gPXE, uses its own C code to "draw" a login UI for authentication, is 
that correct?  I'm not that familiar with PHP to grasp whether 
${password:uristring} that is a built-in PHP thing, a global variable, 
or something that the gPXE login command exports for use by any 
server-side scripting language.

-- 
Eric G. Wolfe
Senior Linux Administrator,
IT Infrastructure Systems
--------------------------------------
Marshall University Computing Services
Drinko Library 428-K
One John Marshall Dr.
Huntington, WV 25755

Reactor error - core dumped!



More information about the gPXE mailing list