httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Bond" <>
Subject [users@httpd] apache external authentication
Date Thu, 29 May 2003 23:26:20 GMT
I am thinking of another solution for apache authentication. I have tried 
all the options for apache proxy secure authentication but it didn't work.

What I want now:
I want  cgi or php script which can authenticate user over https connection 
and set a header. for example AUTH="TRUE".
Once the user is autheticated successfully, thi AUTH header should be set 
and each proxy rwquest must check for this header. This header should be 
available for one browser session only and shoule expire after 1 hour of 
idle time.
If the header is no more set then my redirect rules should redirect the user 
to authntication page.

I have created the following rules. Can you please suggest if this approach 
will work? Can i  make apache to check for a header on each proxy request?

My proxy configuration:

<IfModule mod_proxy.c>
RewriteEngine on
RewriteLog "logs\rewrite_log"
RewriteLogLevel 9
RewriteCond  %{AUTH}  ^TRUE
RewriteRule  ^/$         [R,L]
ProxyRequests On
AllowConnect 443

<Proxy *>
    Order deny,allow
    Deny from all
    Allow from all

AuthType Basic
AuthName "Authentication"
AuthUserFile conf/pass
Require valid-user
Header add AUTH "TRUE"


ProxyVia On


Stay in touch with absent friends - get MSN Messenger

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message