httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anders Melchiorsen <m...@spoon.kalibalik.dk>
Subject Authentication module sanity check
Date Tue, 18 Jan 2011 11:29:02 GMT
Hi developers.

I have hacked up a new authentication module[1] that will use libcurl to
forward all cookies to a specified URL. The URL will validate my normal
session cookie and print the matching username.

This way, I can reuse my internal session manager to password protect
folders (webalizer, munin, etc.) with a simple .htaccess like this:

 AuthType Cookiecheck
 AuthCookiecheckUrl http://example.com/cgi/cookiecheck.cgi
 Require user myaddr@example.com

and not bother users with the annoying basic auth and an extra password.


As I am not used to working with the Apache source code, I would
appreciate comments on this approach. I am wary of the implementation
details as well as the general idea.

[1]
http://www.kalibalik.dk/anders/software/mod_auth_cookiecheck/mod_auth_cookiecheck.c


Thanks,
Anders.


Mime
View raw message