Advanced Web Server (AWS) CGI security

Embedded Devices NET+OS
, ,
#1

I still have issues with CGI and with AWS in generale but this is CGI related
I know I have to user naCgiSetAccess and naCgiCheckAccess to limit function access
but I have no idea how to get caller autorization level form inside RpExternalCgi

this is what i’m doing with minimal comments.

void RpExternalCgi(void *theDataPtr, rpCgiPtr theCgiPtr) {

 // GET request
 // Path is "enpoint" 
 if (theCgiPtr->fHttpRequest == eRpCgiHttpGet && strncmp(
 theCgiPtr->fPathPtr, "/enpoint", 8) == 0) {
     
     // Set authorization.
     unsigned int authLevel = // ?????? should be the caller auth level...but how to get it? 
     naCgiSetAccess(theDataPtr, theCgiPtr, authLevel );
     
     // Security only administrator should be allowed.
     rpPasswordState password_state = naCgiCheckAccess(theDataPtr, theCgiPtr, NASYSACC_LEVEL_ADMINISTRATOR);

     if (password_state == eRpPasswordNotAuthorized) {...}else{...}

 }

}

#2

if someone is interested I’m self answering my question

get caller sys access with:

unsigned naGetSysAccessByUsrAndPsswd(const char * username, const char * password, NAIpAddress_t * ipAddrPtr);