httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Re: writing a soap/web services authorization module over Apache
Date Fri, 10 Aug 2001 12:00:33 GMT
Tarun Upadhyay wrote:

> Our basic design allows the use of another module (say mod_auth or
> something else) to authenticate users but through an "access file", we
> authorize users to connect to particular web-service or its methods.
> We want the user to be able to authorize users at either top, service or
> method level. I want to ask how should such a file (and corresponding access
> policies) be structured.

The current auth structure within apache can authenticate a user based
on a username/password combination, then it can authorise a user using a
"require <blah>" directive. If possible, whatever you need to do should
fall into this kind of operation so that existing modules can be used to
do authentication.

I'm not sure what authentication and authorisation requirements you

-----------------------------------------		"There's a moon
					over Bourbon Street
View raw message