$Web_Realm

From m204wiki
Revision as of 19:06, 6 June 2012 by Admin (talk | contribs) (1 revision)
Jump to navigation Jump to search

<section begin="desc" />Set web "realm" for "Unauthorized" response<section end="desc" />


$Web_Realm allows the setting of the web "realm" before sending an "Unauthorized" response to the browser.

Syntax

<section begin="syntax" /> %RC = $Web_Realm( realm_name ) <section end="syntax" />


$Web_Realm is a callable $function (see Calling Sirius Mods $functions), and it takes a single argument and returns a number.

realm_name Specifies the name of the realm to which a userid and password combination applies. This is a required parameter.


Web realms can serve several purposes:

  • By having multiple realms for a single host, different URLs could be made available to different sets of users.
  • The realm could be used to send an arbitrary message to the browser to appear in a login pop-up window.
  • Realms could be dynamically generated to prevent browsers from caching userids and passwords at public workstations.


The realm sent by $Web_Realm is not sent to a browser unless a status of 401 ("Unauthorized") is sent to the browser. This means that a $Web_Realm call is meaningless unless followed by a $Web_Done with a status code of 401, for example

%RC = $Web_Realm('Toxico Database Systems') %RC = $Web_Done(401, 'Unauthorized')


If all the $Web_Realm calls for a port in an Online are to have the same realm, it probably makes more sense to set the realm with the WEBREALM parameter () on the JANUS DEFINE command for the port.

While $Web_Realm can be used in any code, its most common use would be in exception rules (), especially those associated with logon processing such as LOGONERR and NEWPASSWORD.