Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Received-SPF: pass (nike.apache.org: local policy)
From: Rachel Anderson-Barrios <rbarrios@fimacsolutions.com>
To: users@httpd.apache.org
In-Reply-To: <20070925121919.GA1731@freenet.de>
References: <20070925121919.GA1731@freenet.de>
Content-Type: text/plain
Message-Id: <1190739226.12752.21.camel@randerson.fimacsolutions.com>
Mime-Version: 1.0
Date: Tue, 25 Sep 2007 10:53:46 -0600
Content-Transfer-Encoding: 7bit
Subject: Re: [users@httpd] One-Time authentificaton for multiple servers

Michelle,

I am not an apache expert.  However, it sounds like you need an actual
programming to do what you would like to do.

>>From the sounds of it, you would need to have a central program which
would check authentication every time the user made a request.  If the
user wasn't logged in, it would throw an error sending them to a logon
screen.  If they were logged in, it would update its internal 'logout
time'.  It would have an independent thread which would check the list
every few minuets, checking the 'logout time' with the 'current time'
and remove anyone from that list who is past due.

I would use the postgreSQL DB to authenticate the user, but not to
update their status.  Your program should cache them into it's memory to
save on read-write to the database.

We use something quite similar in our applications.

Sincerely,
-Rachel

On Tue, 2007-09-25 at 06:19, Michelle Konzack wrote:
> Hello,
> 
> I have a couple of servers (currently 42 Web-Servers et a redunant
> PostgreSQL for AUTH) and I am trying to get a One-Time authentification
> running.
> 
> Exactly:
> 
> It should not mather on which Web-Server the $USER authenticate and if
> she/he change the website dynamicly...  The AUTH should be done on the
> PostgreSQL and then the Web-Server should ask the PostgreSQL whether
> the AUTH is valid or not.
> 
> I need a variable timeout (per $USER) and it should be refreshed each
> time the user klick a link or such...  After the timeout, the $USER need
> to re-authenticate again on one of the Web-Servers.
> 
> In general, I prefer to use PAM auth because the infrastructure is there
> and more easier on Debian-Systems.
> 
> Can anyone tell me how to do this?
> 
> Note:  I will have over 700.000 $USER if the whole thing is running and 
>        we will use at least 200 Web-Servers and 8 PostgreSQL world wide.
> 
> Thanks, Greetings and nice Day
>     Michelle Konzack
>     Systemadministrator
>     Tamay Dogan Network
>     Debian GNU/Linux Consultant
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org