The Great Plains Free-Net (GPFN), a community-owned and operated Internet Service Provider in Regina, Saskatchewan, was embarking on a comprehensive modernization strategy. As part of this strategy, GPFN wanted to offer a number of new services and adopting a more member-centric philosophy. One problem with the previous User Management system was that very few volunteers understood or could manage it. It relied on an inter-related set of some 300 shell scripts and flat file tables from which to manage its database. The new design utilized a relational database engine for the back-end and a secure, web-enabled interface from which members, users, guests and volunteers could apply for accounts, upgrade accounts and approve, reject or revoke applications and accounts.
The system was designed to use a volunteer pool of developers to develop and implement the new system using a combination of MySQL, PERL, HTML and CSS as these were the skills the organization had in house.
The Great Plains Free-Net Inc., based in Regina Saskatchewan, is a non-profit, volunteer-driven corporation dedicated to providing low and no-cost internet connectivity to residents, community groups and organizations that are not sufficiently served by commercial Internet Service Providers (ISPs).
In particular, the Great Plains Free-Net caters to individuals:
For community groups, the Great Plains Free-Net offers:
Because of the mix of products and services offered to the public, the Great Plains Free-Net (GPFN) needs a User Management System (UMS) to manage its user base. As GPFN is volunteer driven, this system needs to be managed remotely by volunteers. As GPFN exclusively uses a Linux server base, any new system should be implemented in a Linux environment and be Internet and Web enabled.
In general, the UMS needs to provide the following functions:
To date, GPFN has used a software package called Chebucto Suite to perform all User Management functions. The Chebucto Community Network in Halifax, Nova Scotia wrote Chebucto Suite (or Csuite). It uses a collection of about 300 shell scripts and a series of flat file datastores to manage all aspects of a user’s account on the system. Because of the changing nature of the Internet market space, Csuite development is now halted as is system support and maintenance.
Csuite assumes that all users will interact with the system using the Csuite shell or “Cshell”. This Cshell is a restricted, custom compiled version of a lynx web browser. Lynx is a text-only web browser that renders HTML pages without displaying any graphics. The Csuite version of Lynx allows users to use keystrokes to branch off into a file editor, a mail reader (pine), as well as manage or review aspects of their user.
Csuite was written for RedHat Linux 4.1. GPFN is planning to upgrade to RedHat Linux 7.2 for its new server. A number of security concerns, new features, and system libraries predicate the need for this upgrade. However, in initial examination of the Csuite package, it is likely that any attempt to migrate Csuite to this new Linux platform would necessitate a line-by-line review of the existing Csuite code. Such a review would be very costly in terms of volunteer personnel resources and would be very specialized work. As well, GPFN did not use some Csuite features while Csuite could not support other desired features.
At the same time, new technology in existence since Csuite was initially developed means that the backend datastores can use a complete Relational Database System (RDBS) such as MySQL. The application logic can use newer more capable implementation languages. This combination of a RDBS and new implementation languages will result in a robust system that is more flexible to the business needs of GPFN and will require less development effort than that required for the rewrite of Csuite.
GPFN is embarking on a comprehensive modernization strategy. As part of this strategy, GPFN is offering a number of new services and adopting a more member-centric philosophy. One problem with the existing system is that very few volunteers understand or can manage Csuite. Therefore member inquiries, problems or complaints often took a number of days to resolve. This delay resulted in member and volunteer frustration. At the same time, the Csuite package was hard-coded in terms of services and member categories, resulting in a collection of ad-hoc systems, databases and other methods to manage services and membership classes specific to GPFN.
While GPFN wants to maintain the Cshell for use by members and users who have older equipment, a growing number of members do not use Cshell. These members often use GPFN’s PPP connection for graphical web browsing, some POP client to connect to GPFN’s mail servers, or a third party high-speed internet connection to view GPFN’s web resources. For these users, a web-enabled system to allow them to review their account settings and change account parameters (such as passwords) is important.
It is expected that GPFN volunteers would interact with the new system using a graphical web browser. However, there will be users and volunteers who prefer the Lynx browser as their user interface. For this reason, any user interface should be implemented so that it does not make use of a graphics intensive front end. Similarly, the use of imagemaps, Javascript, applets, Shockwave and Flash media is not appropriate.
Because GPFN is a volunteer-driven, non-profit organization, cost containment is always an organizational issue. The UMS must be implemented in as cost-efficient a manner as possible. This necessitates the use of open-source or ther free software and development tools; conversely, GPFN discourages the use of products which require license fees or other costs.
Because GPFN’s environment is exclusively based on Linux, any system must be implemented on the latest release of RedHat Linux. At the same time, because Linux is a constantly evolving operating system, any system should be sufficiently flexible and robust that it can be ported to newer releases of RedHat as those releases become available.
This requirement can be met by attempting to confine operating system specific calls to a single layer within the application environment.
During a Joint Application Development (JAD) session with GPFN board members, volunteers and members, the business model employed by the Free-Net was enunciated and elaborated.
The Free-Net has three basic classes of users. Registered Users are users who have signed up for service but who are not members of the corporation. Registered users are essentially “Free” users. They are not billed for their usage of the system. In return they are entitled to internet access using a GPFN dial-up account but are only offered a Cshell with its component text-only web browser and text based e-mail reader. They have 5 Mb of disk quota in the mail system and 2 Mb of disk quota for personal files and downloads in their home account. They are guaranteed one hour of usage per day.
Individual members have paid a membership fee (currently $24 per annum) to become a member of corporation. The constitution of GPFN allows for the contribution of service or goods-in-kind in lieu of the membership fee. Individual members are entitled to full participation in the governance of the corporation including voice and vote at all public meetings and the opportunity to be elected to the board of directors.
From a system usage perspective, institutional members are entitled to the same access privileges as Registered Users except that they:
Institutional memberships are intended for community groups and organizations comprised of more than one person. As such, the same rights, responsibilities, privileges and opportunities exist to them as for Individual members with the following exceptions:
A number of additional services are available to members only. These services include:
The costs for some of these services are not yet determined but they are all billed on the basis of a calendar year.
As a holdover from the default implementation of Csuite, a number of current GPFN memberships are held as “family” memberships. This is a membership category employed by the Chebucto Community Network but never formally adopted by GPFN. However, a small number of members found an orphaned page on GPFN’s web site and sent in a cheque for $40 for a family membership. GPFN decided to honour this membership option.
During the JAD session, GPFN stakeholders decided that they wanted any new system to have the option of supporting family memberships. Upon further discussion, it was agreed that the new system should have the capability of supporting a number of “aggregator” type accounts. Another example of such an account would be a company or non-profit group who has given a donation to the Free-Net. In exchange for the donation, GPFN would provide memberships at a reduced cost or at no cost to members of that company or group.
Such an “affinity” program would give GPFN a way of forming and cultivating strategic partnerships with other community groups and would necessitate a special pricing option for some members who also belong to the partnering organization.
Since the implementation will use a Web Server connected to the Internet, security is a concern. This concern stems from two sources: how to prevent a “man in the middle attack” whereby a third party will intercept transmissions to and from the application and learn about a user’s password or other personal information, and how to ensure that an individual interacting with the system is entitled to perform such interactions. The former concern involves an issue of privacy, the latter an issue of authenticity.
The “man-in-the-middle” attack is not a present concern. Since GPFN has no plans to conduct on-line financial transactions at this time, there is little reason for a malefactor to attempt to hijack data transmissions from the UMS. At the same time, most users and volunteers will be using GPFN’s own modems to connect to the system further minimizing the chance for intercepting data transmissions. However, the requirement to support SSL encrypted connections may be added in the future.
The issue of user authentication is more pressing. The database should be secured so that only applications on the local host can access the data with write privileges. The application level should be designed so that user authentication is required before accessing the system and once authenticated a user’s credentials are maintained for the duration of the session. Once a session is finished or a time limit expired, these credentials must be revoked.
User authentication is important for both user access and volunteer access to the system. In the former case, it must be absolutely guaranteed that a user will never be able to access another user’s data. Similarly, it must be absolutely guaranteed that only approved GPFN volunteers will have access to the information of any user.
The proposed system will be implemented by volunteers. This reality has a number of constituent consequences:
The development will be broken into four phases.
Phase 1 will include the minimum components required to add and support users on the new system. As such, it will include the use cases of allowing users to request new accounts, allowing users to request upgrades to existing accounts, allowing GPFN volunteers to generate a renewal cycle and process receipts against outstanding renewal requests.
Other functionality such as allowing users to check quotas or change passwords will be available through the Cshell, but not through the web enabled user interface.
Libraries of shared functions such as those required to authenticate users, set and revoke session credentials and test passwords and usernames for hardness or uniqueness are also included in this phase.
Phase 2 will allow users to manage their account and view their account history on line. They will be able to use a web interface to change their password, their mail forwarding settings, spam control settings as well as check their disk quota usage and financial history.
Phase 3 will allow GPFN volunteers to manage all aspects of a user’s account on their behalf including setting user passwords, mail forwarding, spam control settings, and viewing or reviewing the user’s disk quota and account history.
Phase 4 will incorporate the affinity program identified in the Business Model. Account billing will then be the value of the stated membership and service charges as defined in the database, or if the account references an affinity program, the pricing used is the price referenced by the affinity entity.
Although this document will provide the general design for all four phases of the project, the detailed design specifications will be restricted to Phase 1 functionality. The additional detailed specifications for the remaining phases will be more completely scoped as they are required.
To satisfy the needs identified in the requirement analysis, a multi-tiered approach to the design is preferred. In particular, the components that effect the necessary changes to the system configuration based on actions taken within the UMS should be isolated from the rest of the system. In this way, a migration to a new server or a new operating system release will require changes to these components without incurring the complete system rewrite that the current migration entails.
At the same time, where multiple procedures require the same function, a list of shared libraries should encapsulate these functions for this same reason. In this way, functions and services specific to the current version of RedHat (such as user authentication) can easily be altered to take into account new features or services of future releases.
However, to leverage volunteer resources, the tasks of developing the web interface (a task best suited to web developers) are separated from the tasks of developing back-end functionality (a task for formal PERL programmers). This distinction has the added benefit of allowing the web interface to be updated to a new corporate look in the future without affecting the application logic.
As depicted in Figure 1 below, the develop effort can be broken into a number of conceptual parts:
Before development of the Web Interface, a Visual Identity Guide (VIG) will be required. This guide will contain the basic style elements to ensure that all pages on the User Interface are visually and thematically consistent with each other and with the general GPFN web site.
The Visual Identity Guide will also contain directives concerning how users will navigate around the pages as well as how linkages outside the UMS pages back to the GPFN general web site will be incorporated.
In addition to the VIG, web developers will require a common set of resources such as icons, navigation bar graphics, template files and HTML Style. Developing the VIG and the other components will be the duty of the GPFN webmaster.
All System Configuration APIs must be intrinsically distrustful of their calling functions. This prevents a potential malefactor from directly calling these programs while masquerading as coming from a valid user. Such a masquerade could be successful if the API did not verify the authenticity of the caller on its own.
This distrust is managed by creating a virtual domain within the webserver for the UMS. The virtual domain along with its libraries and system configuration APIs will run under a distinct set of user and group permissions.
The Password Change API is responsible to ensure that the username and old password successfully authenticate the user. Only if the user is verified in this way is the new password checked for hardness according to the system configuration (normally using the cracklib libraries), then using a suid program, this API effects the password change on the system.
The Mail Forwarding API authenticates the user and if authenticated, allows the user to review, change or set the contents of their home .forward file.
The Mail Filtering API can perform many functions. For the purpose of this application, it copies a system .procmailrc template file into the user’s home account, thus effecting spam control. Again, the API must authenticate the user before effecting these changes.
The Disk Quota API authenticates the user and once authenticated, returns the user’s current quota values for display back to the user via a CGI script.
The Shared Library functions include all functions and methods used by two or more components of the system. It will include user authentication and managing of session credentials.
These functions will involve setting and retrieving cookies on the user’s browser, writing to and retrieving session values from the relational database, and managing Object Oriented PERL constructs and entities.
User authentication involves comparing the username supplied on a web form with the existence of the username on the system then comparing the password supplied on the form with the password maintained for the account on the system.
On a modern Linux system, Pluggable Authentication Modules, or PAM, supports user PAM supported libraries and applications are available on the Internet to be used as a template in constructing a custom authentication package.
For the UMS, a web form will request a user to input his username and password. PAM will then authenticate this user. If the user is successfully authenticated, a session token will be created for the user. This token will have an expiry date one hour into the future.
Authenticating GPFN volunteers is a slightly different matter. A GPFN volunteer is not simply a user, but rather a user with increased permissions to the system this system may not be suitable for volunteers. As well, volunteers may not want to use their system password to authenticate themselves to the UMS. Instead, they may want to use a password specific to the UMS.
For this reason, authenticating GPFN volunteers will use the htaccess and htpasswd functions inherent in the Apache web server. Web pages and CGI scripts specific to volunteers will be in a separate directory under which the web server will apply access controls.
Once the system authenticates a user, the libraries will have to manage session persistence for the user. To effect this persistence, the libraries will have their own database in the RDBMS. When a user is authenticated, a session token will be created composed of the username, the access level, the session creation timestamp, and a unique pseudo-random session ID. This token is inserted into the database and a cookie with this session token will be sent back to the user’s browser.
From then on, any calls by the user to a page on the system will return the cookie. This cookie is matched with the cookie in the database. If a match exists, then the user is the holder of a currently valid session. Any of the following conditions indicates that the session is not currently valid:
In any of these cases, the user is redirected back to the login page with the current pages’ URL stored in the QUERY_STRING for re-authentication and the session token is deleted from the database and the cookie. Once re-authenticated, the stored URL can be used to return the user to the page they were viewing before the authentication failure.
The system implementation involves a number of distinct yet inter-related functions. The following dataflow diagrams show the interaction flows in the system. The last dataflow case: “Manage User Account” is slated for Phases 2 and 3 of the project.
The top-level dataflow diagram lists the interactions between the system. This interaction is further exploded for each dataflow in the subsequent diagrams:
The Manage User Account Data Flow is slated for implementation in phases 2 and 3 of the project.
The dataflow will be managed using a combination of HTML pages, Javascript functions within HTML, CGI scripts, embedded PERL within HTML, and some shell script and PERL script library functions.
To visualize the data flow as it relates to the actual structure of the web site, the following Web Navigation Flow Diagrams were prepared. Figure 2 shows the pages available through the public web space to all users and potential users. Note that while an initial applicant can make an application without any sort of authentication, a user requesting an upgrade and all other user functions require the user to be authenticated prior to performing any of these actions.
The volunteer portion of the web site will be secured using the inherent access controls of the Apache web server. As such, no user authentication library calls are required, the processing flow is somewhat simplified.
The Data Model is intended to be a comprehensive model to support both the immediate needs of the UMS and possible future features and enhancements. Not all fields will be used in the currently scoped implementation.
Data Type | Constraints | Default Value | Description | |
---|---|---|---|---|
Sys_Default_Id |
Int |
Primary Key |
|
System Generated Sequential Key |
Sys_Ind_Mem_Price |
Float |
Not NULL |
24.00 |
Approved Annual Fee for Individual Memberships |
Sys_Inst_Mem_Price |
Float |
Not NULL |
48.00 |
Approved Annual Fee for Institutional Memberships |
Sys_Reg_User_Price |
Float |
Not NULL |
0.00 |
Approved Annual Fee for Registered Non-member users |
Sys_PPP_Price |
Float |
Not NULL |
125.00 |
Approved Annual Fee for Graphical PPP Access |
Sys_DB_Price |
Float |
Not NULL |
|
Approved Annual Fee for Database Hosting |
Sys_VirtualDomain_Price |
Float |
Not NULL |
|
Approved Annual Fee for Virtual Domain Hosting |
Sys_TimeQuota1 |
Float |
Not NULL |
? |
Maximum allowed time per single session for users |
Sys_TimeQuota2 |
Float |
Not NULL |
? |
Maximum allowed sessions per day for users |
Sys_SSL_Price |
Float |
Not NULL |
|
Approved Additional Annual Fee for SSL encrypted Virtual Domain Hosting |
Sys_ListServer_Price |
Float |
Not NULL |
100.00 |
Approved Annual Fee for Listserver Hosting |
Sys_Next_UserId |
String (5) |
Not NULL |
|
Next available UserName for Registered User accounts following the Csuite naming convention of aannn1 |
Sys_ExtraDiskQuota_Price |
Float |
Not NULL |
? |
Approved Annual Pricing per Mb of extra Disk Quota above the approved included amounts |
Sys_Incl_Quota1 |
Int |
Not NULL |
|
Approved Amount of basic disk space in filesystem1 |
Sys_Incl_Quota2 |
Int |
Not NULL |
|
Approved Amount of basic disk space in filesystem2 |
Sys_Incl_Quota3 |
Int |
Not NULL |
|
Approved Amount of basic disk space in filesystem3 |
Sys_Quota1_Mnt |
String (8) |
Not NULL |
|
Mount point on the system for quota1 |
Sys_Quota2_Mnt |
String (8) |
Not NULL |
|
Mount point on the system for quota2 |
Sys_Quota3_Mnt |
String (8) |
Not NULL |
|
Mount point on the system for quota3 |
Sys_Last_Annual_Cycle |
Timestamp |
|
|
The timestamp of the last generated invoice cycle. This is used to frequent duplicate invoice cycles within the same fiscal year. |
Field Name | Data Type | Constraints | Default Value | Description |
---|---|---|---|---|
User_Number |
Int |
Primary Key |
|
System Generated Sequential Number |
User_LastName |
String (30) |
Not NULL |
|
User’s Last Name |
User_FirstName |
String (20) |
Not NULL |
|
User’s First Name |
User_Initial |
String (60) |
|
|
User’s Initial |
User_Salutation |
String (60) |
|
One of “Mr.”, “Mrs.”, “Ms.”, “Dr.”, “Rev.” |
User’s Title of Address |
User_Organization |
String (50) |
|
|
Name of User’s Organization if user is a group or collective entity |
User_Title |
String (30) |
|
|
Position or title of person within the organization |
User_StreetAddress1 |
String (30) |
Not NULL |
|
User’s first line of mailing address |
User_StreetAddress2 |
String (30) |
|
|
|
User_City |
String (30) |
Not NULL |
|
|
User_Province |
String (30) |
Not NULL |
|
|
User_Country |
String (30) |
Not NULL |
|
|
User_PostalCode |
String (20) |
Not NULL |
|
|
User_HomePhone |
String (20) |
|
|
|
User_WorkPhone |
String (20) |
|
|
|
User_Age |
Int |
|
|
Really only required for users under the age of majority (so we get their parent’s signature on any application) |
User_IsActive |
Int |
Not NULL |
0 |
0 for not active, 1 for active, 2 for declined, 3 for expired, 4 for purged |
User_Since |
Timestamp |
Not NULL |
|
Date the user applied for an account |
User_IsMember |
Int |
Not NULL |
0 |
0 for non-member, 1 for member |
User_Status_Msg |
String (60) |
|
|
Any Volunteer entered text string to describe issues concerning a user |
User_UserName |
String (16) |
Not NULL |
|
The system generated username for non- members, or the personalized username for members. This is only used during the account application process and NOT changed for users who upgrade to membership later. |
User_InitialPassword |
String (16) |
Not NULL |
Must be checked against the cracklib |
The User requested initial password in MD5 hash encryption |
User_EnteredBy |
String (16) |
Not NULL |
|
The name of the GPFN Volunteer adding the user to the system |
Field Name | Data Type | Constraint | Default Value | Description |
---|---|---|---|---|
User_Number |
Int |
Foreign Key |
References User |
If an entry exists in this table with User_Number, then we know that this User is also a member |
Affinity_Number |
String (10) |
Foreign Key |
References Affinity |
If an entry exists in this table, then the member has a special pricing relationship with GPFN (to be implemented in Phase 4) |
Member_Type |
Int |
Not NULL |
1 or 2 |
1 for Individual Member, 2 for Institutional Member |
Member_Since |
Timestamp |
Not NULL |
|
Date on which user applied to become a member |
Member_EnteredBy |
String (16) |
Not NULL |
|
The name of the GPFN Volunteer adding the member to the system |
Field Name | Data Type | Constraints | Default Value | Description |
---|---|---|---|---|
Affinity_Number |
String (10) |
Primary Key |
|
|
Affinity_Name |
String (50) |
Not NULL |
|
Name of group or organization entering into an affinity relationship with GPFN |
Affinity_Contact_ LastName |
String (30) |
Not NULL |
|
Name of contact person with the group or organization |
Affinity_Contact_ FirstName |
String (20) |
Not NULL |
|
|
Affinity_StreetAddress1 |
String (30) |
Not NULL |
|
|
Affinity_StreetAddress2 |
String (30) |
|
|
|
Affinity_City |
String (30) |
Not NULL |
|
|
Affinity_Province |
String (30) |
Not NULL |
|
|
Affinity_Country |
String (30) |
Not NULL |
|
|
Affinity_PostalCode |
String (30) |
Not NULL |
|
|
Affinity_Phone |
String (20) |
Not NULL |
|
|
Affinity_Ind_Mem_Price |
Float |
Not NULL |
0.00 |
Agreed price of individual memberships under this affinity agreement |
Affinity_Ind_Mem_Max_ Count |
Int |
Not NULL |
0 |
Agreed maximum number of individual memberships to be sold under this affinity agreement |
Affinity_PPP_Price |
Float |
Not NULL |
0.00 |
Agreed price of PPP connections under this affinity agreement |
Affinity_PPP_Max_Count |
Int |
Not NULL |
0 |
Agreed maximum number of PPP connections to be sold under this affinity agreement |
Affinity_Quota1_Amt | Int | Not NULL | 0 |
Agreed amount of disk space in Quota space 1 |
Affinity_Quota2_Amt |
Int |
Not NULL |
0 |
Agreed amount of disk space in Quota space 2 |
Affinity_Quota2_Amt |
Int |
Not NULL |
0 |
Agreed amount of disk space in Quota space 2 |
Affinity_Quota_Max_ Count |
Int |
Not NULL |
0 |
Agreed maximum number of members who benefit from the increased quota limits under this affinity |
Affinity_Annual_ Agreement_Fee |
Float |
Not NULL |
0.00 |
Annual Fee to be invoiced to the Affinity_Name for the terms of the affinity agreement |
Affinity_EnteredBy |
String (16) |
Not NULL |
|
The name of the GPFN Volunteer adding or editing the affinity to the system |
Field Name | Data Type | Constraints | Default Value | Description |
---|---|---|---|---|
User_Number |
Int |
Foreign Key |
References User |
|
Service_Text_Access |
Int |
Not NULL |
1 |
1 if user has access to text-only dial-up |
Service_PPP_Access |
Int |
Not NULL |
0 |
1 if user has access to PPP graphical dial-up |
Service_WebSite |
Int |
Not NULL |
0 |
1 if user has access to web space within GPFN’s public web space (not including the user’s public_html directory) |
Service_Website_Path |
String |
|
|
The relative path from the Webserver’s document root to the directory for this members’ web space within the gpfn.ca domain. |
Service_DBAccess |
Int |
Not NULL |
0 |
Number of databases the user has access to on the database server |
Service_Quota1 |
Int |
Not NULL |
0 |
Number of extra Mb of disk space the user has subscribed to on the filesystem referenced by Quota1 |
Service_Quota2 |
Int |
Not NULL |
0 |
Number of extra Mb of disk space the user has subscribed to on the filesystem referenced by Quota2 |
Service_Quota3 |
Int |
Not NULL |
0 |
Number of extra Mb of disk space the user has subscribed to on the filesystem referenced by Quota3 |
Service_VirtualDomain |
Int |
Not NULL |
0 |
Number of virtual domains the user has on the system |
Service_ VirtualDomainName |
String |
|
|
Registered Name of the Virtual Domain |
Service_TimeQuota1 |
Int |
NotNULL |
0 |
Amount of extra time the user has paid to be added to the value included in Sys_TimeQuota1 |
Service_TimeQuota2 |
Int |
NotNULL |
0 |
Amount of extra time the user has paid to be added to the value included in Sys_TimeQuota2 |
Service_EmailAliases_ Max_Count |
Int |
Not NULL |
0 |
The maximum number of e-mail aliases belonging to this user |
Service_SSL |
Int |
Not NULL |
0 |
The number of SSL enabled Virtual Domain web hosts for this user on the system |
Service_Listserver |
Int |
Not NULL |
0 |
The number of Listservers for this user on the system |
Services_EnteredBy |
String (16) |
Not NULL |
|
The name of the GPFN Volunteer adding or editing this service list on the system |
Field Name | Data Type | Constraints | Default Value | Description |
---|---|---|---|---|
Alias_Id |
Int |
Primary Key |
|
System Generated Incremental Number |
User_Number |
Int |
Foreign Key |
References User |
|
Alias_GPFNAddress |
String (30) |
Not NULL |
|
The GPFN address to which mail is received |
Alias_ExtAddress |
String (50) |
Not NULL |
|
The non-GPFN address to which mail is redirected |
Field Name | Data Type | Constraints | Default Value | Description |
---|---|---|---|---|
Invoice_Number |
Int |
Primary Key |
|
System Generated Incremental Number |
User_Number |
Int |
Foreign Key |
References User |
|
Invoice_Date |
Timestamp |
Not NULL |
|
Date on which the invoice was issued |
Invoice_Medium |
String (20) |
Not NULL |
|
One of “e-mail”, “paper”, “fax” or some other such descriptor of the method in which the invoice was delivered |
Invoice_Amount |
Float |
Not NULL |
|
The total value of the invoice |
Invoice_EnteredBy |
String (16) |
Not NULL |
|
The name of the GPFN Volunteer adding this invoice to the system |
Field Name | Data Type | Constraints | Default Value | Description |
---|---|---|---|---|
Item_Number |
Int |
Primary Key |
|
System Generated Incremental Number |
Invoice_Number |
Int |
Foreign Key |
References Invoice |
|
User_Number |
Int |
Foreign Key |
References User |
|
Item_Description |
String (60) |
Not NULL |
|
Description of the line item for the invoice |
Item_Amount |
Float |
Not NULL |
0.00 |
Amount of the line item for the invoice |
Field Name | Data Type | Constraints | Default Value | Description |
---|---|---|---|---|
Receipt_Number |
Int |
Primary Key |
|
System Generated Incremental Number |
Invoice_Number |
Int |
Foreign Key |
References Invoice |
|
User_Number |
Int |
Foreign Key |
References User |
|
Receipt_Date |
Timestamp |
Not NULL |
|
Date that the amount was received and processed by the volunteer |
Receipt_Amount |
Float |
Not NULL |
0.00 |
Amount received from the user |
Receipt_Payment_Type |
String (30) |
Not NULL |
|
One of “Cash”, “Cheque”, “Credit Card” or some other description |
Receipt_Entered_By |
String (16) |
Not NULL |
|
The name of the GPFN Volunteer adding this receipt to the system |
Field Name | Data Type | Constraint | Default Value | Description |
---|---|---|---|---|
Upgrade_Id |
Int |
Primary Key |
|
System Generated Incremental Number |
Invoice_Number |
Int |
Foreign Key |
References Invoice |
|
User_Number |
Int |
Foreign_Key |
References User |
|
Upgrade_User-Ind |
Int |
Not NULL |
0 |
1 if the upgrade turns a registered user into an individual member |
Upgrade_User-Inst |
Int |
Not NULL |
0 |
1 if the upgrade turns a registered user into an institutional member |
Upgrade_Ind-Inst |
Int |
Not NULL |
0 |
1 if the upgrade turns an individual into an institutional member |
Upgrade_Username |
String (16) |
|
|
The selected username for a user upgrading to a membership from a registered user account. |
Upgrade_toPPP |
Int |
Not NULL |
0 |
1 if the upgrade enables PPP |
Upgrade_toDB |
Int |
Not NULL |
0 |
The number of Databases to be added to the User’s account |
Upgrade_DBName |
String |
|
|
The requested name for a database on the database server. |
Upgrade_Quota1 |
Int |
Not NULL |
0 |
Number of Mb to be added to the user’s disk quota of the filesystem referenced by Quota1 |
Upgrade_Quota2 |
Int |
Not NULL |
0 |
Number of Mb to be added to the user’s disk quota of the filesystem referenced by Quota2 |
Upgrade_Quota3 |
Int |
Not NULL |
0 |
Number of Mb to be added to the user’s disk quota of the filesystem referenced by Quota3 |
Upgrade_toVirtualDomain |
Int |
Not NULL |
0 |
Number of Virtual Domains to add to the user |
Upgrade_ VirtualDomainName |
String |
|
|
The requested domain for an application for a virtual domain |
Upgrade_TimeQuota1 |
Int |
Not NULL |
0 |
Number of additional minutes to add to Sys_TimeQuota1 |
Upgrade_TimeQuota2 |
Int |
Not NULL |
0 |
Number of additional sessions to be added to Sys_TimeQuota2 for this user |
Upgrade_toSSL |
Int |
Not NULL |
0 |
Number of SSL enabled web hosts to be added to this client |
Upgrade_toAliases |
Int |
Not NULL |
0 |
Number of additional email aliases to be added to this user’s services |
Upgrade_AliasExtAddress |
String |
|
|
e-mail address of the external service to which e-mail to the alias will be redirected |
Upgrade_ AliasGPFNAddress |
String |
|
|
e-mail address of the GPFN address to which mail will be receive and then redirected |
Upgrade_toListserver |
Int |
Not NULL |
0 |
Number of additional Listservers to be added to this user’s services |
Upgrade_ListserverName |
String |
|
|
Name of mailing list for an upgrade to Listserver. |
Upgrade_ApprovedBy |
String (16) |
Not NULL |
|
The name of the GPFN Volunteer approving this upgrade on the system |
The following pages describe the modules, functions, and pages to be developed as part of the new system. Each of the following modules can be assigned to different developers as a self-contained system component.
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/index.html Assigned to: Reference: |
|
Description |
This pure HTML page contains the descriptions and navigation for users, prospective users and members to interact with the UMS. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
GPFN Main page, other pages on the GPFN web site |
Can Call: |
user/join.html |
Function Description |
Page invites viewer to join the GPFN listing the benefits of membership and other service upgrade options. (Phase 2)A link to the myacct.html page so users can view their account information is also present. |
Possible Exit Conditions and Return Values |
None required |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/join.html Assigned to: Reference: |
|
Description |
This HTML page contains the descriptions of the membership and user classes of the Great Plains Free-Net for which they wish to apply. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/index.html |
Can Call: |
user/agree.html |
Function Description |
The page describes the three classes of user: Registered User, Individual Member and Institutional Member and the benefits and features of each class. A Cancel link redirects users to the user/index.html page and a GPFN button takes the viewer back to the main GPFN page. |
Possible Exit Conditions and Return Values |
None |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/agree.html Assigned to: Reference: |
|
Description |
This page contains the user agreement, acceptable use policy and other requirements the viewer must agree to before obtaining a GPFN account. |
Implementation Skills |
HTML, HTML forms, Javascript |
Parameter List |
None |
Called By: |
user/join.html |
Can Call: |
user/apply.html |
Function Description |
The page contains the text to which a prospective user must agree before an account application is received and processed. The viewer notes acceptance of this agreement by clicking an “Accept” button at the bottom of the page. The Accept button directs them to the apply.html page with the value “UA_accept” appended to the URL as a Query String parameter. A “Decline” button returns them to the user/join.html page. A “GPFN Home” button returns them to the GPFN main page. |
Possible Exit Conditions and Return Values |
If the viewer clicks the “Accept” button, they are sent to user/apply.html?UA_accept. If the viewer clicks the “Decline” button, they are sent to user/join.html If the viewer clicks the “GPFN Home” button, they are sent to /index.html |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/apply.html Assigned to: Reference: |
|
Description |
This HTML page contains a form to gather the information required to process an application to the GPFN |
Implementation Skills |
HTML, HTML Forms, Javascript |
Parameter List |
Query String must contain value “UA_accept” |
Called By: |
user/agree.html |
Can Call: |
user/validate.cgi |
Function Description |
The URL to which the user arrives must be “user/apply.html?UA_accept”. If the “?UA_accept” portion of the URL is missing, they should be redirected to the user/join.html page. If the UA_accept parameter is received the page displays an HTML form. This form must first query the viewer for the type of account they want. A pop-up menu named “Membership_Class” should list “Registered User”, “Individual Member” and “Institutional Member and send values “Registered”, “Individual”, and “Institution” respectively. The form must also obtain the following data from the user. Items marked with a (*) are required and must be present before the form is processed: *User_FirstName If the application is for an individual or institutional membership the following fields must also be gathered |
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/upgrade.html Assigned to: Reference: |
|
Description |
This HTML page contains the terms and conditions related to any upgrade option including prices. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/index.html |
Can Call: |
user/login.cgi?upgrade.cgi |
Function Description |
The page lists all relevant details for users to be able to decide what options to select in upgrading their account. Users can click to move forward to the login.cgi page before formally request an upgrade, or click a cancel button to go back the user/index.html page or a GPFN home button. |
Possible Exit Conditions and Return Values |
If the user clicks to apply for an upgrade, control passes to URL: login.cgi?upgrade.cgi. The “upgrade.cgi” string allows the login.cgi script to redirect the user to the correct option page if the login is successful. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: user/myacct.html (Phase 2) Assigned to: Phase 2 Reference: |
|
Description |
This HTML page contains a description of the options available to the account holder in viewing or managing his or her account history and configuration |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/index.html |
Can Call: |
user/login.cgi?myacct.cgi |
Function Description |
Users can click to move forward to the login.cgi page before formally viewing their account history or settings or altering their account configuration, or click a cancel button to go back the user/index.html page or a GPFN home button. |
Possible Exit Conditions and Return Values |
If the user clicks to view their account, control passes to the login.cgi?myacct.cgi. The “myacct.cgi” string is used to allow the login.cgi script to redirect the user to the correct option page if the login is successful. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/index.html Assigned to: Reference: |
|
Description |
This pure HTML page allows the volunteer to choose between processing applications for accounts and upgrades and processing financial transactions. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
Directly by the user. Page is behind htaccess controls. |
Can Call: |
vol/listapps.cgi vol/invoices.html |
Function Description |
The volunteer can choose:
|
Possible Exit Conditions and Return Values |
None |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/invoices.html Assigned to: Reference: |
|
Description |
This HTML/Javascript page allows the volunteer to choose the options before generating new invoices or reminder notices. The volunteer can choose to generate an annual invoice cycle for all members, display an invoice for a particular user, generate an annual invoice for a particular user, display statements for all members, or display a statement for a particular user. As well, the form allows the volunteer to choose to e-mail the statements or invoices to the user, or to print them to the screen, or to print them to a tab delimited file which can be downloaded. The number and identity of the invoices or statements e-mailed or displayed in this way corresponds to the choices made in the preceding paragraph. |
Implementation Skills |
HTML, Javascript, HTML forms |
Parameter List |
None |
Called By: |
vol/index.html |
Can Call: |
vol/geninvoice.cgi |
Function Description |
The HTML form gathers the following information before passing the data to the geninvoice.cgi script:
A Submit button forwards the form data to the geninvoice.cgi. A Cancel button returns the volunteer to the vol/index.cgi page. |
Possible Exit Conditions and Return Values |
The form and Javascript should correctly handle all data exceptions. Data should be passed to the geninvoice.cgi script. Cancels should return control to index.html |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/invoice.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated invoice. The template file is used by the geninvoice.cgi developer to present an attractive and visually consistent invoice to the user. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
vol/geninvoice.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display an invoice on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, date of invoice, invoice charges and item descriptions, payment terms and options, instructions to print this page, and GPFN identification and remittance information |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/stmt.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated statement. The template file is used by the geninvoice.cgi developer to present an attractive and visually consistent statement to the user. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
vol/geninvoice.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display a statement on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, dates and amounts of invoices and receipts, payment terms and options, outstanding balance and the aging of the balance and GPFN identification, instructions to print this page, and remittance information |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/rcpt.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated receipt. The template file is used by the receipts.cgi developer to present an attractive and visually consistent statement to the user. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
vol/receipts.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display a receipt on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, date, instructions to print this page, amount and payment method as well as GPFN identification and a thank-you message. |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/accept.tmpl Assigned to: Reference: |
|
Description |
This HTML page forms a dynamically generated statement. The template file is used by the validate.cgi developer to present a user acceptance agreement for signature and mail-in by the new account applicant. |
Implementation Skills |
HTML |
Parameter List |
None |
Called By: |
user/validate.cgi |
Can Call: |
|
Function Description |
The template file includes all HTML and graphics to display a user acceptance agreement on a web browser window. It must be visually equivalent whether displayed in Internet Explorer, Netscape Navigator or Opera. Spaces should be left for user identification, legal terms and obligations, provisions for under-age applicants, payment terms and options, and GPFN identification, instructions to print this page, and remittance information |
Possible Exit Conditions and Return Values |
The page is not called directly but will be cut and pasted into cgi scripts. |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: (X)Web Page ( )CGI Script ( )Shared Library ( )System API Name: vol/acct.html (Phase 3) Assigned to: Phase 3) Reference: |
|
Description |
This HTML page lists the account management options available to the volunteer and collects the information on which user account to display. |
Implementation Skills |
HTML, HTML Forms |
Parameter List |
None |
Called By: |
vol/index.html |
Can Call: |
vol/history.cgi |
Function Description |
Not yet fully defined |
Possible Exit Conditions and Return Values |
Not yet fully defined |
Sign Off by: |
Membership Committee or GPFN Board Designate |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: user/validate.cgi Assigned to: Reference: |
|
Description |
This script takes the information from the user/apply.html form, verifies that all required data is present before attempting to create a new user request. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
Membership_Class |
Called By: |
user/apply.html |
Can Call: |
lib/uname_generate.pl |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager & Membership Committee or Board Designate |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: user/login.cgi Assigned to: Reference: |
|
Description |
This script creates a form to which the user enters their username and password, validates the information against the system records and if the user is authenticated, sets up a set of credentials for the user’s current session. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
QueryString contains the URL (without the host portion) to which the user is redirected upon a successful authentication
|
Called By: |
user/upgrade.html |
Can Call: |
lib/Login.pm |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
[1] The Access_Level value is included so that access texture can be incorporated in the future when different users and different volunteers can be given different levels of access to the system.
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: user/upgrade.cgi Assigned to: Reference: |
|
Description |
This script shows the user the available system upgrades available to them. If the user selects any upgrades, an entry is added to the upgrade table so that the upgrades can be processed and applied to the users account. |
Implementation Skills |
PERL, CGI, SQL, Javascript |
Parameter List |
|
Called By: |
user/index.html |
Can Call: |
lib/Login.pm |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: vol/listapps.cgi Assigned to: Reference: |
|
Description |
This script lists the applications for accounts currently in a pending state and asks a volunteer to approve or delete the application |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
|
Called By: |
vol/index.html vol/listapps.cgi |
Can Call: |
add_ppp() |
Function Description |
If the volunteer has selected the Delete button from a previous invocation of the form:
If the volunteer has selected the Approve button from a previous invocation of the form, perform the following steps:
For all invocations of the script including the first:
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( X )CGI Script ( )Shared Library ( )System API Name: vol/listupgrades.cgi Assigned to: Reference: |
|
Description |
This script lists the upgrades for existing accounts where an unapproved Upgrade_Request table record exists. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
|
Called By: |
vol/index.html vol/listupgrades.cgi |
Can Call: |
lib/add_alias |
Function Description |
If the volunteer has selected the Delete button from a previous invocation of the form:
If the volunteer has selected the Approve button:
For all invocations of the script including the first:
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page (X)CGI Script ( )Shared Library ( )System API Name: vol/geninvoices.cgi Assigned to: Reference: |
|
Description |
This script taking parameters from the form on invoice.html generates invoices or statements for one or all system users |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
Invoice_Count |
Called By: |
vol/invoices.html |
Can Call: |
vol/index.html |
Function Description |
Depending on the values of the Type_Switch and Invoice_Count parameters, create a temporary directory named after the current process_id in which to store the following generated invoices or statements. Only one of the following six steps will be used for each invocation of this script:
Regardless of which of the above six steps was selected, get the value of the Medium_Switch parameter:
Delete the temporary directory created above. |
Possible Exit Conditions and Return Values |
The script should always return successfully |
Sign Off by: |
Membership Committee or board designate |
[1] We don’t mind invoices going out in September for the coming year, but let’s make sure that we don’t have two volunteers thinking this way or we’ll be billing people for two years down the road.
[2] This requirement is intended to allow the Free-Net to query existing registered users to determine if they still want their free e-mail and dial-up account. The invoice should have some information for the user to either print the invoice, sign it and send it in, or else e-mail a confirmation that they want to keep their account.
Procedure Model Type: ( )Web Page (X)CGI Script ( )Shared Library ( )System API Name: vol/receipts.cgi Assigned to: Reference: |
|
Description |
This script gets a list of all unpaid invoices and displays them to the volunteer so that the volunteer can apply receipts against them. |
Implementation Skills |
PERL, CGI, SQL |
Parameter List |
|
Called By: |
vol/index.html |
Can Call: |
vol/index.html |
Function Description |
If the script has been called by a previous invocation of this same script as determined by the value of the Submit button being “Apply Receipt”:
For all invocations through this script, even the first, perform the following steps:
|
Possible Exit Conditions and Return Values |
The script should always return successfully. If no outstanding invoices exist, an empty list should be presented. Volunteers can always click on a link to take them to the vol/index.html or GPFN main page. |
Sign Off by: |
Membership Committee or board designate |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/uname_test.pl Assigned to: Reference: |
|
Description |
This script verifies that a username passed as a string to the function would be a good username. The test of goodness requires that the proposed username is unique to the system (i.e. no existing user has this name), and that the username is comprised of only alphabetic characters, numbers, underscores and dots (period), and that the username is between 4 and 16 characters long. For the purpose of the test, uppercase and lowercase characters are equivalent so that if the user has chosen a username of upper-case characters, these characters will be replaced with their lower-case equivalents. |
Implementation Skills |
PERL |
Parameter List |
String containing the proposed username |
Called By: |
user/validate.cgi |
Can Call: |
|
Function Description |
Verify the appropriateness and uniqueness of the proposed username by performing the following steps:
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager. |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/uname_generate.pl Assigned to: Reference: |
|
Description |
This function returns a string containing the next available sequential username following the format aannn where “a” denotes an alphabetic, lowercase character and “n” denotes a digit. For example, if the last username assigned by this function was aa999, the function will test that ab000 is not assigned and if it is free, will assign it. Otherwise, the function will test for ab001 and so on. |
Implementation Skills |
PERL |
Parameter List |
none |
Called By: |
user/validate.cgi |
Can Call: |
lib/uname_test.pl |
Function Description |
|
Possible Exit Conditions and Return Values |
The function returns the value of the next available sequentially assigned username as a scalar value. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/pw_check Assigned to: Reference: |
|
Description |
This function takes a string parameter and runs it against the system pw_check utility to see if it is a sufficiently strong password. If not, the function returns a string describing the weakness(es) of the password. |
Implementation Skills |
C |
Parameter List |
password- a string containing the password string to test |
Called By: |
user/validate.cgi |
Can Call: |
crack.h |
Function Description |
#include <stdio.h> #include <stdlib.h> #include <crack.h> int main(int argc, char *argv[]) { int i; char* pw_check; char* password; char* dict_path = “/usr/lib/cracklib_dict”; char* null_string = “”; char* bad_usage = "Usage: pw_check [password]"; if (argc != 2) { fputs(bad_usage,stdout); return (-1); } password = argv[1]; pw_check = FascistCheck(password, dict_path); if (pw_check != NULL) fputs(pw_check,stdout); else fputs(null_string,stdout); exit(0); } Usage within a PERL or Shell Script: $output=`pw_check([password])`; if ($output eq “”) { # password is good } else { # password is bad. Reason is stored in $output } |
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/Login.pm Assigned to: Reference: |
|
Description |
This module manages login sessions for the system. Its public methods are called by CGI scripts to determine if the user is properly authenticated on the system and has currently valid credentials. The Constructor assumes that the user has been authenticated by the login.cgi script. As such, it accepts the call to create the session token, but does no additional checks on the authenticity of the user. |
Implementation Skills |
PERL, SQL, MySQL |
Parameter List |
Username, access_level |
Called By: |
user/login.cgi |
Can Call: |
Http_Sessions database. |
Function Description |
HTTP_Sessions database Sessions table: +-------------+---------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +-------------+---------------+------+-----+---------+-------+ | User_Name | varchar(20) | | PRI | | | | Session_Tok | varchar(32) | | | | | | Access_Level| int | | | 0 | | | TimeStamp | timestamp(14) | YES | | NULL | | +-------------+---------------+------+-----+---------+-------+ Constructor(UserName, Access_Level) method:
getLogin() method:
getUserName(Login) method:
getAccessLevel(Login) method:
destroy(UserName) method:
|
Possible Exit Conditions and Return Values |
A Login object with undefined properties indicates that the system failed to find any credentials for this user. This test is usually performed by using the getLogin() method to get a Login object and then calling the getUserName(Login) method with the Login object returned by the getLogin method. If the getUserName method returns an undefined value, then the credentials do not exist or there is a system problem. Note that this class does not test for the age of a set of credentials although such a test can be included by having the getLogin method test the age of the session token by looking at the timestamp value in the Sessions table. |
Sign Off by: |
Project Manager. |
Procedure Model Type: ( )Web Page ( )CGI Script (X)Shared Library ( )System API Name: lib/auth_user Assigned to: |
|
Description |
This suid program takes the username and password and returns a 0 if the username and password match the system password for the stated user. Any other return code indicates an error. |
Implementation Skills |
C, PAM |
Parameter List |
Username and password as string values |
Called By: |
user/login.cgi |
Can Call: |
PAM system libraries |
Function Description |
Example of a proper function call from a calling PERL script: output=`/usr/local/csuite/lib/auth_user $user $passwd `; /***************************************************** ** Library functions to interact with the Linux-PAM ** ** modules in order to update a user's password on ** ** the system. ** ** ** ** Make sure you add the following lines to the ** ** pam.conf file (or equivalent): ** ** cs_password auth required ** ** /lib/security/pam_unix_auth.so ** ** cs_password account required ** ** /lib/security/pam_unix_acct.so ** ** cs_password password required ** ** /lib/security/pam_unix_passwd.so ** ** cs_password session required ** ** /lib/security/pam_unix_acct.so ** ** ** ** Author: Daryle Niedermayer (dpn) ** ** daryle@gpfn.ca ** ** Date: 2002-06-17 ** ** ** ******************************************************/ #include <stdio.h> #include <stdlib.h> #include <security/pam_appl.h> #include <security/pam_misc.h> #define CS_BAD_DATA -2 #define CS_BAD_USAGE -1 #define CS_SUCCESS 0 #define COPY_STRING(s) (s) ? strdup(s) : NULL /* DEFINE STATIC EXTERNAL STRUCTURES AND VARIABLES SO THAT THEY ONLY HAVE SCOPE WITHIN THE METHODS AND FUNCTIONS OF THIS SOURCE FILE */ static char* service_name = "cs_password"; static char* user; static char* old_password; static char* new_password; static int PAM_conv (int, const struct pam_message**, struct pam_response**, void*); static struct pam_conv PAM_converse = {PAM_conv, NULL}; /************************************************* ** PAM Conversation function ** *************************************************/ static int PAM_conv ( int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { int replies = 0; struct pam_response *reply = NULL; reply = malloc(sizeof(struct pam_response) * num_msg); if (!reply) return PAM_CONV_ERR; for (replies = 0; replies < num_msg; replies++) { if (! strcmp(msg[replies]->msg,"Password: ")) reply[replies].resp = COPY_STRING(old_password); if (! strcmp(msg[replies]->msg, "(current) UNIX password: ")) reply[replies].resp = COPY_STRING(old_password); } *resp = reply; return PAM_SUCCESS; } /************************************************* ** MAIN PROCEDURE ** *************************************************/ int main(int argc, char *argv[]) { /* DEFINITIONS */ pam_handle_t* pamh = NULL; int retval; char* pw_check; char* dict_path = "/usr/lib/cracklib_dict"; /* DETERMINE IF VARIABLE COUNT IS CORRECT */ if (argc != 3) { printf("Usage: auth_user <USER> <PASSWORD>\n"); exit (CS_BAD_USAGE); } /* PARSE PARAMETERS FROM INPUTS */ user = argv[1]; old_password = argv[2]; if (!(user && old_password && strlen(user) && strlen(old_password))) exit (CS_BAD_DATA); /* GET A HANDLE TO A PAM INSTANCE */ retval = pam_start(service_name, user, &PAM_converse, &pamh); /* IS THE USER REALLY A USER? */ if (retval == PAM_SUCCESS) retval = pam_authenticate(pamh, 0); else return retval; /* IS USER PERMITTED ACCESS? */ if (retval == PAM_SUCCESS) retval = pam_acct_mgmt(pamh, 0); else return retval; /* CLEAN UP OUR HANDLES AND VARIABLES */ if (pam_end(pamh, retval) != PAM_SUCCESS) pamh = NULL; else return retval; exit (CS_SUCCESS); } |
Possible Exit Conditions and Return Values |
This function returns a number of possible values:
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X)System API Name: sys/add_account Assigned to: Reference: |
|
Description |
This system configuration function runs with suid root permissions. It adds a new account to the system with the value of the username field passed in as a parameter, then sets the initial password on this account to the value of the password field passed in as a parameter. Finally, it uses the system edquota command to set the user quota on this new account to the value stored in the corresponding prototype account. |
Implementation Skills |
PERL, C |
Parameter List |
Username, password, and member_type. |
Called By: |
vol/listapps.cgi |
Can Call: |
/usr/bin/passwd prototype-user (non-login account profile) |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X)System API Name: sys/add_alias Assigned to: Reference: |
|
Description |
This system configuration function reads the system /etc/mail/aliases file, checks that no current entry matching old_address exists and if one does exist, deletes it. It then adds a new entry mapping old_address to new_address and rebuilds the newaliases database. The function must NOT be allowed to alter any of the system aliases. Because editing the aliases file and rebuilding new alias databases are protected procedures, this function will need suid permissions. |
Implementation Skills |
PERL, C |
Parameter List |
old_address and new_address where old_address is the address to which mail is sent and new_address is the address to which mail is delivered. |
Called By: |
vol/listapps.cgi |
Can Call: |
/usr/bin/newaliases |
Function Description |
|
Possible Exit Conditions and Return Values |
|
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/change_user Assigned to: Reference: |
|
Description |
This function renames the user’s home directory from old_username to new_username, effecting this change in the system password and shadow files and adding a system alias mapping the old_username to new_username. Because of the permissions involved, this command must be set to suid root. |
Implementation Skills |
C |
Parameter List |
old_username, new_username |
Called By: |
vol/listupgrades.cgi |
Can Call: |
sys/add_alias |
Function Description |
|
Possible Exit Conditions and Return Values |
This function should always return 0. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_virtualdomain Assigned to: Reference: |
|
Description |
This function is a stub to add a new virtualdomain to the webserver configuration. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL |
Parameter List |
Domainname, Username, Groupname |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the virtual domain name is already taken. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_ppp Assigned to: Reference: |
|
Description |
This function is a stub to grant ppp access to a new or existing member. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL |
Parameter List |
username |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if ppp access is not permitted for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_db Assigned to: Reference: |
|
Description |
This function is a stub to create a new database and provide read/write access to a new or existing member. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL |
Parameter List |
Database_name, Username, Password |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the database creation failed for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_quota Assigned to: Reference: |
|
Description |
This function is a stub to add disk quota to a user. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL, C |
Parameter List |
Mount_point, Mb to increase, Username |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the setquota command fails for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_ssl Assigned to: Reference: |
|
Description |
This function is a stub to add ssl access to a virtual domain. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL, C |
Parameter List |
Virtual_domain |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the configuration is not permitted for some reason. |
Sign Off by: |
Project Manager |
Procedure Model Type: ( )Web Page ( )CGI Script ( )Shared Library (X )System API Name: sys/add_listserver Assigned to: Reference: |
|
Description |
This function is a stub to add a new mailing list to the listserver. It currently manages a manual workflow process but can be automated in the future. |
Implementation Skills |
PERL, C |
Parameter List |
Listname, Username |
Called By: |
vol/listapps.cgi |
Can Call: |
log/csuite |
Function Description |
|
Possible Exit Conditions and Return Values |
Currently, this function will always be successful (returning 0). In the future, it will return a –1 if the configuration is not permitted for some reason. |
Sign Off by: |
Project Manager |
Links
[1] https://niedermayer.ca/user/login?destination=node/56%23comment-form
[2] https://niedermayer.ca/user/login?destination=node/68%23comment-form
[3] https://niedermayer.ca/user/login?destination=node/57%23comment-form
[4] https://niedermayer.ca/user/login?destination=node/58%23comment-form
[5] https://niedermayer.ca/user/login?destination=node/59%23comment-form
[6] https://niedermayer.ca/user/login?destination=node/60%23comment-form
[7] https://niedermayer.ca/user/login?destination=node/61%23comment-form
[8] https://niedermayer.ca/user/login?destination=node/62%23comment-form
[9] https://niedermayer.ca/user/login?destination=node/63%23comment-form
[10] https://niedermayer.ca/user/login?destination=node/64%23comment-form
[11] https://niedermayer.ca/user/login?destination=node/65%23comment-form
[12] https://niedermayer.ca/user/login?destination=node/66%23comment-form
[13] https://niedermayer.ca/user/login?destination=node/67%23comment-form
[14] https://niedermayer.ca/user/login?destination=node/69%23comment-form
[15] https://niedermayer.ca/user/login?destination=node/72%23comment-form
[16] https://niedermayer.ca/user/login?destination=node/73%23comment-form
[17] https://niedermayer.ca/user/login?destination=node/74%23comment-form
[18] https://niedermayer.ca/user/login?destination=node/76%23comment-form
[19] https://niedermayer.ca/user/login?destination=node/78%23comment-form
[20] https://niedermayer.ca/user/login?destination=node/77%23comment-form
[21] https://niedermayer.ca/user/login?destination=node/79%23comment-form
[22] https://niedermayer.ca/user/login?destination=node/80%23comment-form
[23] https://niedermayer.ca/user/login?destination=node/81%23comment-form
[24] https://niedermayer.ca/user/login?destination=node/82%23comment-form
[25] https://niedermayer.ca/user/login?destination=node/83%23comment-form
[26] https://niedermayer.ca/sites/default/files/large_dfd4.PNG
[27] https://niedermayer.ca/user/login?destination=node/84%23comment-form
[28] https://niedermayer.ca/user/login?destination=node/85%23comment-form
[29] https://niedermayer.ca/user/login?destination=node/86%23comment-form
[30] https://niedermayer.ca/user/login?destination=node/87%23comment-form
[31] https://niedermayer.ca/user/login?destination=node/88%23comment-form
[32] https://niedermayer.ca/user/login?destination=node/89%23comment-form
[33] https://niedermayer.ca/user/login?destination=node/90%23comment-form
[34] https://niedermayer.ca/user/login?destination=node/91%23comment-form
[35] https://niedermayer.ca/user/login?destination=node/92%23comment-form
[36] https://niedermayer.ca/user/login?destination=node/93%23comment-form
[37] https://niedermayer.ca/user/login?destination=node/94%23comment-form
[38] https://niedermayer.ca/user/login?destination=node/95%23comment-form
[39] https://niedermayer.ca/user/login?destination=node/96%23comment-form
[40] https://niedermayer.ca/user/login?destination=node/97%23comment-form
[41] https://niedermayer.ca/user/login?destination=node/173%23comment-form
[42] https://niedermayer.ca/user/login?destination=node/174%23comment-form
[43] https://niedermayer.ca/user/login?destination=node/175%23comment-form
[44] https://niedermayer.ca/user/login?destination=node/176%23comment-form
[45] https://niedermayer.ca/user/login?destination=node/177%23comment-form
[46] https://niedermayer.ca/user/login?destination=node/178%23comment-form
[47] https://niedermayer.ca/user/login?destination=node/179%23comment-form
[48] https://niedermayer.ca/user/login?destination=node/180%23comment-form
[49] https://niedermayer.ca/user/login?destination=node/181%23comment-form
[50] https://niedermayer.ca/user/login?destination=node/182%23comment-form
[51] https://niedermayer.ca/user/login?destination=node/183%23comment-form
[52] https://niedermayer.ca/user/login?destination=node/184%23comment-form
[53] https://niedermayer.ca/user/login?destination=node/185%23comment-form
[54] https://niedermayer.ca/user/login?destination=node/186%23comment-form
[55] https://niedermayer.ca/user/login?destination=node/188%23comment-form
[56] https://niedermayer.ca/user/login?destination=node/189%23comment-form
[57] https://niedermayer.ca/user/login?destination=node/190%23comment-form
[58] https://niedermayer.ca/user/login?destination=node/191%23comment-form
[59] https://niedermayer.ca/user/login?destination=node/192%23comment-form
[60] https://niedermayer.ca/user/login?destination=node/193%23comment-form
[61] https://niedermayer.ca/user/login?destination=node/194%23comment-form
[62] https://niedermayer.ca/user/login?destination=node/195%23comment-form
[63] https://niedermayer.ca/user/login?destination=node/196%23comment-form
[64] https://niedermayer.ca/user/login?destination=node/197%23comment-form
[65] https://niedermayer.ca/user/login?destination=node/198%23comment-form
[66] https://niedermayer.ca/user/login?destination=node/199%23comment-form
[67] https://niedermayer.ca/user/login?destination=node/200%23comment-form
[68] https://niedermayer.ca/user/login?destination=node/201%23comment-form
[69] https://niedermayer.ca/user/login?destination=node/202%23comment-form
[70] https://niedermayer.ca/user/login?destination=node/203%23comment-form
[71] https://niedermayer.ca/user/login?destination=node/204%23comment-form
[72] https://niedermayer.ca/user/login?destination=node/205%23comment-form
[73] https://niedermayer.ca/user/login?destination=node/206%23comment-form
[74] https://niedermayer.ca/user/login?destination=node/207%23comment-form
[75] https://niedermayer.ca/user/login?destination=node/208%23comment-form