> > One extra requirement is that some of the pages need authentication > > which is cookie based. I would need to check the cookie against a > > database to see if the caller is authenticated to access the particular > > page. Has anyone done/seen anything similar implemented in mod_perl? > > That's very easy to do in mod_perl, but you generally do not want to run > mod_perl on the proxy server. The idea is to keep the proxy server > really small and light. There are various auth modules for apache > written in C which you might be able to use. If none of those suit your > needs and you don't want to write a C module, you certainly can put > mod_perl on the proxy and write what you want in Perl. The only > drawback to this is the additional memory that will be needed for that > server. >
In the docs you cited, it says: "ProxyPass happens before the authentication phase, so you do not have to worry about authenticating twice." How does this work? I need to check the clients cookie against a database to make sure they have sufficient authorisation to access the cached page. The authentication mechanisms are going to be different depending on whether the page has already been cached. That is, if the page is coming from the "dynamic" webserver then that webserver is going to create the content and do the authentication/authorisation however for subsequent visitors I need the caching "reverse proxy" to do the authentication. Could you expand on the steps in the apache process cycle involved here? I can't quite see how this fits together. I would have thought that I would have to write my own authentication module as our authentication system is somewhat custom. I would probably prototype it in mod_perl then if needed re-write it in C. Thanks, Abdul-Wahid
signature.asc
Description: This is a digitally signed message part
