Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 40396 invoked from network); 30 Dec 2007 02:39:17 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 30 Dec 2007 02:39:17 -0000 Received: (qmail 83009 invoked by uid 500); 30 Dec 2007 02:38:56 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 82991 invoked by uid 500); 30 Dec 2007 02:38:56 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 82979 invoked by uid 99); 30 Dec 2007 02:38:56 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 29 Dec 2007 18:38:56 -0800 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_HELO_PASS,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [128.187.80.29] (HELO mail.cs.byu.edu) (128.187.80.29) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 30 Dec 2007 02:38:32 +0000 Received: from [192.168.1.134] (unknown [76.8.195.225]) by mail.cs.byu.edu (Postfix) with ESMTP id 272DC81F0373 for ; Sat, 29 Dec 2007 19:38:37 -0700 (MST) Message-ID: <477704BA.6040401@programmerq.net> Date: Sat, 29 Dec 2007 19:38:50 -0700 From: Jeff Anderson User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: users@httpd.apache.org X-Enigmail-Version: 0.95.5 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig3FBB22AA79D4D077CF47AA34" X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Authentication from within --------------enig3FBB22AA79D4D077CF47AA34 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable =46rom what I can tell, the only way to get a user authenticated in apach= e is through the popup box prompting for a username and password. I don't mind the box, but some people think that they are ugly, unprofessional, etc... I'd like to be able to take a web application (pick your flavor, cgi, perl, php, mod_python, fastcgi, etc...) and authenticate to an apache authentication mechanism. I would like to be able to make the call to apache to execute the authentication method with supplied data. Usually this comes in the http request packet from a user agent. The only way I can think of that would accomplish that is to have a javascript form send an ajax request with the user information in the header, and I'm not 100% positive that javascript/ajax can actually do that. I'd much rather have it be on the server side anyway. This would solve a few problems we have at work-- we have several web apps all with their own authentication methods. Almost all of them can be configured to be happy about an apache user being authenticated. The popup box would make the people upstairs in the big chairs unhappy. Being able to tell apache from a web application running on the server that a user is authenticated would be a marvelous solution to make everyone happy. If anyone has any insights, let me know. Thanks! Jeff Anderson --------------enig3FBB22AA79D4D077CF47AA34 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHdwS6NycvrHdvMZ0RAuqfAJ9xHrbCZL4Y6WuTWxsSA6HwfIMCigCg2C0O UMlYNSTfHXrc74JwTdByFzs= =sQnQ -----END PGP SIGNATURE----- --------------enig3FBB22AA79D4D077CF47AA34--