httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Phil Endecott" <spam_from_apache_user...@chezphil.org>
Subject [users@httpd] PostgreSQL authentication in 2.2; caching?
Date Wed, 04 Jul 2007 11:29:52 GMT
Dear Experts,

I am in the process of migrating a system from 2.0 to 2.2 and need some 
advice about how to make PostgreSQL authentication work in the new system.

In the old system, I used mod_auth_pgsql from the Debian package.  I 
understand that the new auth framework in 2.2 provides database-backed 
authentication in a set of core modules.  But there are a couple of issues:

- Caching is essential in my application.  I don't believe that the new 
modules provide this, do they?  (I mean caching of the actual 
credentials, not just keeping the database connection open.)  This is 
something that was provided by the old mod_auth_pgsql, though it 
suffered from keeping one cache per request-handling thread/process.  I 
notice that there is a mod_authn_cache here: 
http://mod-auth.sourceforge.net/docs/mod_authn_cache/.  However, this 
doesn't seem to have been worked on for a while and is still 'in 
development'.  Does anyone know anything about the status of this module?

- Having said that caching is essential, mod_auth_pgsql suffered from 
not flushing its cache when the database changed.  In my case, this 
means that when users change their password the system will be broken 
for a while as some of the request-handling threads/processes will 
cache the old password and some will cache the new one.  Does 
mod_authn_cache have the same issue?  The fix for this would be to use 
PostgreSQL's asynchronous notification mechanism to clear the caches 
when a password is changed.  When I first considered moving to 2.2 I 
posted something about this here:  
http://thread.gmane.org/gmane.comp.apache.devel/23903/focus=23904.  At 
that time I decided to stick with 2.0.x in the hope that someone else 
would fix the problem - I don't suppose anyone has, have they?


Any suggestions about how to proceed would be much appreciated.

Regards,

Phil.





---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message