Proxy server for off-site access to Web licensed products

Kerry BOUCHARD at LIB.IS.TCU.EDU
Thu Dec 12 10:15:12 EST 1996 

     
    We are using exactly the solution you describe:

>                         In this scenario, the user would use a
>special form of URL such as http://fixer.maricopa.edu?http://www.eb.com,
>which would cause the browser to contact fixer.maricopa.edu, fixer would
>then contact www.eb.com, pull down the page, modify all of the URLs in the
>page by preceding them with http://fixer.maricopa.edu? (actually, not

by using CGI scripts on our system that invoke Lynx with the -SOURCE, (and 
when necessary -AUTH=) parameters to grab the remote pages, and a home-grown 
program that massages the URL's in the pages that Lynx retrieves.  The CGI 
scripts are protected with Access Authentication rules, so people have to 
enter their university ID numbers to show that they belong to our system 
before they can run the scripts; after that, the scripts get them into 
services that require a Name and Password, a campus IP address, or both.  
   Our operating system is VMS, so the CGI scripts are written in DCL and 
are not portable.  Most of the work is done by Lynx, and by the program that 
massages the URL's: it is written in Pascal.  I suppose most of it would be 
portable, but it does contain VMS-specific code for accessing DCL symbols.

    This still has the disadvantage of routing everything through our server,
and is an ugly kludge as far as I'm concerned.  (The way it handles graphics
and redirects is real ugly, but so far it is working with the vendors we 
subscribe to).  It would be nice if the HTTP protocol included a "Remote 
Authentication" message that a server could send to a browser to give the 
browser the name and password to use with another server, but there doesn't 
seem to be any way to do that currently. (The "407 Proxy Authentication 
Required" message in HTTP 1.1 doesn't solve the problem, unless I'm 
misreading the spec).  Then vendors could validate by name and password 
the way they did in the old Telnet world, and a simple 3 or 4 line CGI 
script on our system could tell our users' browsers what name and password 
to use, without the user being able to see it.
    I keep waiting for a vendor to call and ask why everyone on our campus 
uses Lynx instead of Netscape or MIE, but so far it hasn't happened.

           -Kerry Bouchard, Automated Systems Manager
            Mary Couts Burnett Library, TCU
            K.BOUCHARD at TCU.EDU

More information about the Web4lib mailing list