www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <minf...@sharp.fm>
Subject Re: Centralised authentication/authorisation
Date Mon, 15 Dec 2008 14:03:03 GMT
Paul Querna wrote:

> No, we are not going down the path of doing mod_sesion right now.
> Keep it simple, keep it bounded, get the core-services running, and skip 
> on all this right now.

What is your definition of "core-services"?

I have found from experience that most apps out there already work 
really well with normal CGI environment variables, or basic auth headers 
handed to them from Apache. And it turns out that httpd is really good 
at providing those header and variables to underlying apps, on condition 
  the user is authnz to httpd.

Trying to configure apps like bugzilla and friends to access LDAP 
directly is doing this the hard way.


View raw message