httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Beattie <oli...@obeattie.com>
Subject Re: [users@httpd] Custom authentication?
Date Tue, 04 Jan 2011 11:30:47 GMT
Actually, that won't work… we need to be able to support clients that do not
support cookies (APT)

—Oliver


On 4 January 2011 11:30, Oliver Beattie <oliver@obeattie.com> wrote:

> Thanks for your quick reply… unfortunately I can't set a cookie. Another
> machine (different domain) is redirecting the user to this server (auth
> happens on that server) and this server is in effect acting as (one of
> several identically-configured) mirrors. However, it may be possible to
> redirect them to a location on the mirror that sets the cookie?
>
> —Oliver
>
>
> On 4 January 2011 11:28, Mark Watts <m.watts@eris.qinetiq.com> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 01/04/2011 11:19 AM, Oliver Beattie wrote:
>> > Hi there,
>> >
>> > I am sure this question has likely been asked many times before, I'm
>> > just having a bit of a hard time finding answers.
>> >
>> > Basically, I need to be able to authenticate downloads based on a URL
>> > signature if present (passed as a query parameter), instead of via Basic
>> > authentication (I need to support both of these, but bypass the basic
>> > auth if no signature is present). It isn't a requirement that they live
>> > at the same path, so they can be at different virtual hosts/directories
>> > if necessary.
>> >
>> > At first, I thought the best way to do this would be just through a
>> > simple CGI/WSGI/whatever, but the files I am authenticating access to
>> > are very large (many GB) and I fear there may be a performance
>> > implication of doing this (and things like Range requests won't be
>> > possible without extra work).
>> >
>> > Has anyone had any experience with this? What is the best way to
>> > proceed? Any help anyone could give would be very much appreciated :)
>> >
>> > —Oliver
>>
>> After authentication, set a cookie with a sensible lifetime (~1 day).
>> If the cookie is set and valid allow the download, otherwise redirect to
>> the login page.
>>
>> Mark.
>>
>> - --
>> Mark Watts BSc RHCE
>> Senior Systems Engineer, MSS Secure Managed Hosting
>> www.QinetiQ.com
>> QinetiQ - Delivering customer-focused solutions
>> GPG Key: http://www.linux-corner.info/mwatts.gpg
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.11 (GNU/Linux)
>> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
>>
>> iEYEARECAAYFAk0jBFUACgkQBn4EFUVUIO2+lACg25ZDyyLlcM5B6KYU+zB5k/6d
>> 23kAn0eWbv+M4Z9vpWWo9yD8TeJl5aiI
>> =sGQx
>> -----END PGP SIGNATURE-----
>>
>
>

Mime
View raw message