httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Suneet Shah <suneetshah2...@gmail.com>
Subject Developing an Authentication Module
Date Thu, 15 Sep 2011 15:41:36 GMT
Hello,



I need to build modules that will handle authentication and authorization.  Our
requirements seem to be a little different then what is provided with the
apache web server. However, before I started down this path, I was hoping to
get some feedback on the approach, as I am new module development.



In our architecture, authentication and authorization is handled by a set of
web services.  I would need to have the apache module make calls to the
service. I was planning on using Axis 2 for this. Are there any issues with
thiat?



For Authentication:

I need to be able to look at request and see if it has a security token. If
it does, then I need to validate it through the service.

If it does not, then I need to redirect them to an authentication page.

I thought it would be easier to handle the authentication through our java
application (as we have the rest of the application) or should this part of
the module as well?

If a person successful authenticates, then the authentication app would
redirect the user to the originally requested url. This would flow through
the apache web service and mod-proxy to end up at the target location.



Does this approach seem reasonable ?



Thanks for your feedback.

Suneet

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message