Good morning, On 26/8/03 at 8:26 PM +0200, Thomas Klausner <[EMAIL PROTECTED]> wrote:
>Hi! > >On Die, Aug 26, 2003 at 09:06:05 +1000, Charlie Garrison wrote: > >>I need to protect resources in both the static (proxy) front-end and >>the mod_perl back-end. I have been using standard http authentication >>which works pretty well except for not allowing a proper logout >>function and some caching issues which result in occasional false >>FORBIDDEN responses. Since a proper logout has become an important >>requirement, I am looking for other solutions. > >Did you take a look at Apache::AuthCookie? >http://search.cpan.org/author/MSCHOUT/Apache-AuthCookie-3.04/ Yes, I've looked at Auth::Cookie, and if I needed a mod_perl only solution, it would be perfect. >>Since I need the user credentials in the mod_perl app, I'm not happy >>to leave all authentication to the front-end proxy server unless it >>sets the user credentials (or some other values) before passing along >>the request. > >As AuthCookie is a mod_perl handler, you would have to put the >Authentification into the backend. Depending on how you generate the session >key (i.e. the value of the Auth Cookie), you should be able to use the >cookie in the frontend using one of the modules you mentioned (although I >don't know any of them..) Which sort of brings me back full circle. I'm happy to write the backend (modperl) support myself for whatever the frontend module requires. But the module that I would choose (mod_auth_mda) doesn't have perl examples for creating the MD5 cookie, and I'm only borderline confident that I can take their java examples along with the documentation to figure out perl routines for the cookie creation. I'm still hoping someone has already solved this issue of shared authentication scheme between static frontend and modperl backend servers. Thanks, Charlie -- Charlie Garrison [EMAIL PROTECTED] PO Box 141, Windsor, NSW 2756, Australia -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
