Logo ROOT   6.14/05
Reference Guide
httpaccess.C File Reference

Detailed Description

This program demonstrates access control to the THttpServer with digest methods.

Authentication file auth.txt was generated with following shell commands:

[shell] htdigest -c auth.txt root guest
typing <empty> password for guest account
[shell] htdigest auth.txt root admin
typing 'admin' as password for admin account

When macro started and opening in browser with url


User name and password will be requested. One should either specify guest account without password or admin account with password 'admin'

User with guest account only can monitor histograms User with admin account see commands, which can be executed

#include "TH1.h"
#include "TH2.h"
#include "TRandom3.h"
#include "TSystem.h"
#include "THttpServer.h"
void httpaccess()
// create histograms
TH1D *hpx = new TH1D("hpx","This is the px distribution",100,-4,4);
TH2D *hpxpy = new TH2D("hpxpy","py vs px",40,-4,4,40,-4,4);
if (gSystem->AccessPathName("auth.txt")!=0) {
printf("Please start macro from directory where auth.txt file is available\n");
printf("It required to supply authentication information for the http server\n");
// start http server
THttpServer* serv = new THttpServer("http:8080?auth_file=auth.txt&auth_domain=root");
// or start FastCGI server, where host server (like Apache or lighttpd) should enable own authentication
// for apache one should add correspondent module and authentication for fastcgi location
// for lighttpd one add following lines to configuration file:
// server.modules += ( "mod_auth" )
// auth.backend = "htdigest"
// auth.backend.htdigest.userfile = "/srv/auth/auth.txt"
// auth.require = ( "/root.app" => ( "method" => "digest", "realm" => "root", "require" => "valid-user" ))
// THttpServer* serv = new THttpServer("fastcgi:9000");
// One could specify location of newer version of JSROOT
// serv->SetJSROOT("https://root.cern.ch/js/latest/");
// serv->SetJSROOT("http://jsroot.gsi.de/latest/");
// register histograms
serv->Register("/", hpx);
serv->Register("/", hpxpy);
// register commands, invoking object methods
serv->RegisterCommand("/ResetHPX","/hpx/->Reset();", "button;rootsys/icons/ed_delete.png");
serv->SetItemField("/ResetHPX","_update_item", "hpx"); // let browser update histogram view after commands execution
serv->RegisterCommand("/ResetHPXPY","/hpxpy/->Reset();", "button;rootsys/icons/bld_delete.png");
serv->SetItemField("/ResetHPXPY","_update_item", "hpxpy"); // let browser update histogram view after commands execution
// here also example how command with arguments can be invoked
serv->RegisterCommand("/RebinHPX","/hpx/->Rebin(%arg1%);", "button;rootsys/icons/ed_execute.png");
serv->SetItemField("/RebinHPX","_update_item", "hpx"); // let browser update histogram view after commands execution
// these two commands fully hidden for other accounts,
// only admin can see and execute these commands
serv->Restrict("/ResetHPX", "visible=admin");
serv->Restrict("/ResetHPXPY", "visible=admin");
// this command visible for other, but will be refused (return false)
// when executed from any other account
serv->Restrict("/RebinHPX", "allow=admin");
// Fill histograms randomly
TRandom3 random;
Float_t px, py;
const Long_t kUPDATE = 1000;
Long_t cnt = 0;
while (kTRUE) {
// IMPORTANT: one should regularly call ProcessEvents
if (cnt++ % kUPDATE == 0) {
if (gSystem->ProcessEvents()) break;
Sergey Linev

Definition in file httpaccess.C.