Method for executing a user-requested CGI program in a new authentication context while protecting operation of a default web server program

Assignee

• International Business Machines Corporation · US

Inventors

• Michael Bradford Ault · Austin, US
• Garry L. Child · Austin, US
• Ernst Robert Plassmann · Pflugerville, US
• Bruce Arland Rich · Round Rock, US
• Theodore Jack London Shrader · Austin, US
• Davis Kent Soper · Cedar Park, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99952
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method of executing Common Gateway Interface (CGI) programs in a computer network having a Web client and a Web server, the server connectable to a secure distributed file system of a distributed computing environment. If a Web client user request requires CGI processing, the requested CGI program is run in a new process spawned from the Web server thread and executing within the context of the temporary user identity set up with the proper DCE credentials. This function is effected by saving the name and path of the user-requested CGI program and then substituting the name and path of an encapsulation CGI program. The encapsulation CGI program starts the user-requested CGI program in a new process (i.e. a desktop) within the context of the temporary user identity (having proper DCE credentials). The encapsulation program thus ensures that the CGI program being executed cannot harm the default Web server desktop.