httpd-users mailing list archives

From Ajay Garg <ajaygargn...@gmail.com>
Subject Re: [users@httpd] Queries regarding the feasibility of achieving a use-case with HTTPD
Date Sun, 25 Aug 2013 11:57:55 GMT
Thanks Pete for the reply.

One question regarding the module at
http://home.digithi.de/digithi/dev/mod_auth_cookie_mysql/ ::
it says that "Additionally nobody can "hack" the system by manipulating the
cookie values because they are only valid for one session".

Does that mean that once the user exits the window, the user will be
required to authenticate/log in again? Or does "one session" here mean the
time-until-which-user-explicitly-logs-out (which may run into days)?


This question is very important for our use-case, because we intend to
truly implement an "almost" Single-Sign-On (I say "almost", because the
user shouldn't need to log in until the cookie expires, say in 30 days).


Will be grateful for clearances :)


On Sun, Aug 25, 2013 at 3:20 PM, Pete Houston <ph1@openstrike.co.uk> wrote:

> On Sat, Aug 24, 2013 at 04:44:46PM +0530, Ajay Garg wrote:
> > Is the above workflow possible by merely using HTTPD, or some form of
> > external proxy-software (like "squid") is required?
>
> Yes, this is possible with just httpd.
>
> > If it is indeed possible to achieve the above with just HTTPD, I will be
> > grateful if you could let me know how to add redirections, so that
> > any URL goes via the "login.php" in-between (of course, if the user has
> > already authenticated once, he is taken directly to the URL).
>
> Do not use redirections - use the proper authnz mechanisms instead.
> For a worked example of how to do it correctly see
> http://home.digithi.de/digithi/dev/mod_auth_cookie_mysql/
>
> Pete
> --
> Openstrike - improving business through open source
> http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107
>



-- 
Regards,
Ajay
