CGI Security

Hi All,

I have recently been working with the CGI interface, but am getting a bit confused regarding security.

I have been trying to use the following
while (naCgiCheckAccess(theDataPtr, theCgiPtr, NASYSACC_LEVEL_HTTP_R1) == eRpPasswordPending) {
printf(PWD_FMT, tx_time_get());
tx_thread_sleep(5);
}

if (naCgiCheckAccess(theDataPtr, theCgiPtr, NASYSACC_LEVEL_HTTP_R1) == eRpPasswordAuthorized) {
	ProcessCgi(theDataPtr, theCgiPtr);
}
else {
	theCgiPtr->fHttpResponse = eRpCgiHttpUnauthorized;	
} 

but this seems to give some peculiar results and at times allows access even with incorrect passwords.
Does anyone have any ideas on the correct algorithm to use or any sample code that they can share?

Have you use the function naCgiSetAccess?
You have to call this function for each request in RpExternalCgi,