Return-Path: 
 <dev-return-23641-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 26265 invoked by uid 500); 22 Nov 2001 19:34:16 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
list-post: <mailto:dev@httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Delivered-To: moderator for dev@httpd.apache.org
Received: (qmail 10111 invoked from network); 22 Nov 2001 11:41:15 -0000
Message-ID: <1B8F1BC882AFD511974C00902773DF26239D5D@jess.scar.hull.ac.uk>
From: Angus Marshall <A.Marshall@dcs.hull.ac.uk>
To: "'dev@httpd.apache.org'" <dev@httpd.apache.org>
Subject: RE: Problem with user autehntication
Date: Thu, 22 Nov 2001 11:40:27 -0000
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N


 -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can associate a handler (custom program) with the
directory or document types and get that to do the 
checking transparently (no need to code a reference to it
anywhere other than in the config or .htaccess file)

Take a look at the AddHandler / SetHandler directives.


- -----Original Message-----
From:	Chandramouli Kharidehal [SMTP:Ckharidehal@sapient.com]
Sent:	Thursday, November 22, 2001 9:20 AM
To:	dev@httpd.apache.org
Subject:	Problem with user autehntication 






  
Hi 
    I am new to apache as part of project we are using apache as the
web server and i really love apache Open software 
    I have some problem with user authentication 
    As part of our project we have to provide user authentication
when the user clicks on the download link of a file 
   each user is  mapped to set of roles internally and based on these
roles we protect and give permissions to the directory I mean which
role has access to which directory 

   Now I want this functionality that whent the user clicks on a
download link in the page ( which is our project based page) 

      a  c code   should take the information from the HTTP header we
are writing user role :password to the header check  compare it with
our configuration file that resides in the web server and give access
to the documents 

      See the problem comes because we have multiple user roles so
when a user logs in and he has multiple roles 
     we write role1,role2;password . So the problem is  before the
user gets a chance to download the document i wan tto authorize
wheter he can really do it or not in a customised way can i do it in
Apache if so please expalin 

      Thanks 

Mouli 


  


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO/zkL262pemBalSAEQJmQQCg78lU7pIV8j74O8C0k8BAGTXJEMsAn0H8
uQtPjQQsqbuxvcdgIBLPeiXv
=129+
-----END PGP SIGNATURE-----