Return-Path: 
 <users-return-88145-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 48804 invoked from network); 10 May 2009 23:14:38 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 10 May 2009 23:14:38 -0000
Received: (qmail 66549 invoked by uid 500); 10 May 2009 23:14:34 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 66501 invoked by uid 500); 10 May 2009 23:14:34 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 66492 invoked by uid 99); 10 May 2009 23:14:34 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 10 May 2009 23:14:34 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of j.zuckerman@gmail.com
 designates 209.85.217.157 as permitted sender)
Received: from [209.85.217.157] (HELO mail-gx0-f157.google.com)
 (209.85.217.157)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 10 May 2009 23:14:25 +0000
Received: by gxk1 with SMTP id 1so5113994gxk.0
        for <users@httpd.apache.org>; Sun, 10 May 2009 16:14:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:in-reply-to:references
         :from:date:message-id:subject:to:cc:content-type
         :content-transfer-encoding;
        bh=ABegqG60nGEfSbR3bycNuvFZ7XIKQxF0sFMIzIsdkzI=;
        b=sNRGTf1x6HLmJ5kT0OHi5sFrXQyzVxlV2odCAX8E4eTbIx42vuC9oFpnkMsSC/b8yb
         Ix35u+JrGmOA+7AONhXaSfSaVm3ayAVBoFwYSfWVbh5+xq96MFvXufHwb/sgNJ4OaJbB
         d3dX3tH6zZGTvJxCH5Tat7Bt7eHFID1i+UqBk=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc:content-type:content-transfer-encoding;
        b=IzrwaAR8MXTms2bx20uQoIryAEuPOCMX9tD70o5d+3ywlT88FCLI2/NAhYHv3OneSE
         wk//NhmxH7OIJEAm1EKGC5qBaZzc+DCVbReiNgJBuXkkJkbZ6h0Y8WOBaZApoCv3tmyK
         1LTSkJR7onK74bF+caBt2ybcF9ov58lHPXbHo=
MIME-Version: 1.0
Received: by 10.150.227.7 with SMTP id z7mr5032698ybg.305.1241997244082; Sun,
	10 May 2009 16:14:04 -0700 (PDT)
In-Reply-To: <1241886881.15790.17.camel@corn.betterworld.us>
References: <1241886881.15790.17.camel@corn.betterworld.us>
From: Jonathan Zuckerman <j.zuckerman@gmail.com>
Date: Sun, 10 May 2009 16:13:44 -0700
Message-ID: <5ddb50770905101613qb66a381n3243638a9e52ce87@mail.gmail.com>
To: users@httpd.apache.org
Cc: ross@biostat.ucsf.edu
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: Re: [users@httpd] authentication question

On Sat, May 9, 2009 at 9:34 AM, Ross Boylan <ross@biostat.ucsf.edu> wrote:
> Suppose I have apache running in front of a web application and
> subversion.
>
> I am thinking of a scenario in which the web application provides a
> login page. =A0However, the user may also browse to web pages served by
> subversion.
>
> Is there a way that my app can have someone log in and then pass the
> identity and authentication "up" to appache? =A0In particular, I'd want
> this authentication used if the user browsed over to the subversion
> repository.
>
> I'm assume a common source, e.g., LDAP, will provide user and password
> information that is the same for my app and apache.
>
> A final wrinkle is that the application itself may access subversion via
> http:// (https?) using either the identity of the user or, perhaps, a
> separate identity the application runs under.
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project=
.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> =A0 " =A0 from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

This is a good question, it would be nice to use Apache to
authenticate all those pages instead of having to include your own
application's authentication in every page.  Let us know if you do
find a solution for this, I'd be interested to hear how it turns out.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org