httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@hyperreal.com>
Subject Re: mod_auth_external.c (fwd)
Date Sun, 03 Mar 1996 04:42:06 GMT


---------- Forwarded message ----------
Date: Tue, 20 Feb 1996 09:02:37 -0600
From: Nathan Neulinger <nneul@umr.edu>
To: cwcheng@ucla.edu, brian@hyperreal.com
Subject: Re: mod_auth_external.c

At 4:45 AM 2/20/96, cwcheng@ucla.edu wrote:
>Can you tell me why do you want to put
>user=username
>pass=password in
>the environvariable
>what is the purpose in that
Reason for putting in environment is easiest way to pass the info to the
child subprocess. Can't put on command line/argv since will show up in PS
listings. (Don't want password showing up). If you have a better way to do
this, I'd love to hear about it. This was just a quick and easy way to get
it to work.

>what exactly is your module do

It present a unified interface to external authentication routines.
Basically, I can't link in AFS and/or Informix Database code in with apache
due to symbol conflicts (and it makes the executable HUGE if I do do it) -
so basically, I have this Auth module just call externals.

It is useless by itself, it is only useful if you go and build another auth
program locally. You then define this in the mod_auth_external.c  (see how
I specified a path to afsauth), and assign it a name 'afs' for example.
Then the htaccess file will contain:

AuthUserFile /dev/null
AuthGroupFile whatever
AuthName afs authentication test
AuthType basic
AuthExternal afs

The 'afs' is so that if you define multiple external auth routines in the
module, you can pick one.

Ideally, a better way to implement the above would be to have a
configuration option:

DefineAuthExternal afs /afs/umr.edu.../afsauth

This way, no code modifications are necessary to add a new routine.
However, this configuration option would HAVE to be restricted to the
httpd.conf file. I don't want individual users to be able to add new auth
modules.

>and what is afs
Andrew File System - it uses Kerberos authentication servers for
authentication of it's user ID's.

>I am working on another auth module
>and it may conincide with yours
>but I am not sure since I have no idea
>about what you are trying to do .
>
>Please reply
>thanks
>cheng

------------------------------------------------------------
Nathan Neulinger                  Univ. of Missouri - Rolla
EMail: nneul@umr.edu                  Computing Services
WWW: http://www.umr.edu/~nneul      SysAdmin: rollanet.org
WWW: http://pluto.cc.umr.edu      SysAdmin: pluto.cc.umr.edu




Mime
View raw message