Let's say I have the following configuration: 1. Front end proxy server (no mod_perl) 2. Back end application server (mod_perl) 3. Back end application server (php)
Now, *all* application requests are passed to the mod_perl server (yes, including the php requests). Performing security checks for all the applications on the mod_perl server is easy via a few simple handlers. However, I also want to *transparently* handle high-level application access security for the applications served from the php server using the same perl/db modle I use in the mod perl server. So, php application requests would bounce from the proxy server to the mod perl server to the php server. Is this workable? I currently use mod_rewrite to proxy the requests to the mod_perl server, and I'm assuming I would have to do something similar for the php server. However, I'm not all that sure how to do this, since I don't think mod_rewite will work the way I expect - I need to configure a <Location> but mod_rewrite doesn't work with <Location>. Or does it? In case anyone is wondering, I'm working on constructing a dynamic front-end portal that will gate through to various applications, some developed in house, others obtained from third parties - the clients wants to perform a global security check before getting to the application, hence the stuff that I'm creating. This is all related to a single sign-on environment - once the user has signed on an encrypted cookie will contain the application security information used to authorize the user int the various applications. Many thanks! -klm.