httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colin 't Hart" <colinth...@gmail.com>
Subject [users@httpd] How to integrate Apache's authentication with my app's?
Date Fri, 06 Sep 2013 14:21:53 GMT
Hi,

We have a web app written in PL/SQL (stored procedures in an Oracle
database). We use Apache and mod_owa (a variant on the mod_plsql theme) as
HTTP glue. Currently we're on Apache 2.2, but upgrading to 2.4 would be an
option.

Our app handles security itself (our own tables of users and roles); like
all web apps, logged in users get a cookie. For the sake of this
discussion, let's assume our app runs under www.my.com/app

Now we want to be able to serve some ordinary files using Apache to
authenticated users (registration of downloads basically). Again, for the
sake of discussion, assume that files are served from www.my.com/file

How can we integrate this with Apache's authentication? Functionally, a
user logged in to our app should be able to download a file without logging
in again elsewhere. Conversely, someone who isn't logged in trying to
download the file should be prompted to log in.

What's the best way to achieve this? The easiest way?
Thanks for any tips!

Cheers,

Colin

Mime
View raw message