https://www1.columbia.edu/sec-cgi-bin/c2c/c2c-mungeform.plIt needs the arguments
destinationurl -- url that the user should finally end up at;
this should be a protected resource requiring authentication
gatewayurl -- url of (presumably) a cgi script at the remote publisher's
site which will do certificate verification and will then
forward the user on to the destintationurl
formtemplate -- name of the form template at Columbia that will be used
for login. Each publisher will likely provide a different
value so that we can customize the form depending on
the publisher's resources
publisher -- argument identifying the publisher of the resource to which
the user wants access. This is optional but we would
like it so that we are certain we generate a certificate
that the particular publisher can parse, with user ids
that match the publisher's specs
errortemplate -- name of an error template at Columbia that can be used
to report an error to the user. This again may vary from
publisher to publisher depending on what we want to tell
our users here.
Arguments to the publisher's CGI script will be as follows:
cert -- base-64-encoded certificate, all on one line, no carriage
returns or line feeds, and no PEM headers
destinationurl -- url to which the user should be referred if the certificate
check by the publisher is successful
For publishers who do not want to send users to a login form but would prefer that they use the Basic Auth provided by HTTP, the cgi script https://www1.columbia.edu/sec-cgi-bin/c2c/restr/nph-c2c.pl may be used. It takes the same arguments as c2c-mungeform.pl except that there is no formtemplate variable. It produces the same output as the c2c-mungeform.pl script as well.