httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Wells <>
Subject mod_ticket
Date Sat, 29 Jan 2000 08:11:15 GMT
I would like to contribute this module to the Apache project:
I'm not sure what to do, so I am posting it here. If I should be 
doing something different, please tell me :-)

mod_ticket scans a URI for a digitally signed ticket and, if the
md5 signature is valid, makes it available as $TICKET in the
environment of sub-processes. The signature is generated from a
shared secret combined with the ticket value and the IP of the
remote user.

This enables several interesting things:

  -- pass authenticated traffic from one website to another if both
     sites share a secret

  -- encode unspoofable cookie-style data into a URL that can 
     survive relative linking. 

I have attached it to this message, and also posted it here:

Full documentation of mod_ticket appears in the C source header.


View raw message