httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew White <aewh...@uark.edu>
Subject [users@httpd] AuthZ POST content and multiple handlers
Date Fri, 22 Sep 2006 14:19:00 GMT
I am attempting to authorize post content (SOAP methods) against ACLs,
but once the authorize handler grabs the HTTP body, the other handlers
can't process the content. 

A work around is to proxy the request to a local virtual host to handle
the request AFTER it has been authorized, but then the SSL/TLS
information is lost. Also, this means that anyone on that box can bypass
the authorizer by simply calling the proxied virtual host. 

I would like to do everything in a single pass so I can keep the SSL
info and make it harder for local apps to bypass ACLs.

Any ideas?
Thanks,
Andrew


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message