httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dhottin...@harrisonburg.k12.va.us
Subject Re: [users@httpd] .htaccess
Date Thu, 09 Jun 2011 12:57:16 GMT
Quoting Mark Montague <mark@catseye.org>:

>  On June 8, 2011 15:50 , dhottinger@harrisonburg.k12.va.us wrote:
>> I currently use .htaccess to prompt for username and password and   
>> point it to an ldap database running on my mailserver.  Im   
>> considering moving all my mail accounts to gmail.  Does anyone know  
>>  if it is possible to authenticate with .htaccess pointing to gmail  
>>  for info?
>
> It might be better to have your web application (WordPress, Drupal,
> whatever) authenticate the user via OAuth2 or OpenID using the user's
> Google account, instead of having Apache authenticate the user.  I have
> successfully done this, and can vouch that it works.
>
> If you are only serving static content (that is, if you are not running
> a web application) or if you have another reason to want Apache HTTP
> Server to do the authentication itself, then take a look at
> mod_auth_openid.  I have never tried using it myself, so I don't know
> if it will meet your needs or not.  See
> http://findingscience.com/mod_auth_openid/   Keep in mind that this
> will allow anyone to whom Google has issued credentials to
> authenticate; you'll likely need to add some sort of authorization in
> order to restrict access to the subset of authenticated users who you
> actually wish to grant access to.
>
> A pedantic point:  .htaccess does not "authenticate" anything, it's
> just an alternative way of specifying configuration directives, as
> opposed to requiring all configuration directives to be in the main
> configuration file (e.g., httpd.conf).  If you specify authentication
> directives in .htaccess, it is actually httpd that performs the
> requested authentication.
>
> --
>   Mark Montague
>   mark@catseye.org

Thanks Mark.  I appreciate the info.  I also realize that apache isnt  
authenticating, thanks for the pointer there.

as always very appreciative of any help,
ddh

-- 
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools

"Everything should be made as simple as possible, but not simpler."
-- Albert Einstein

"The hottest places in Hell are reserved for those who, in times of moral
crisis, preserved their neutrality."
-- Dante


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message