Hi Dan,
We are using mod_auth_tkt to solve the problem of having backend servers handle authentication, but front end reverse proxies handle access control.
Here's a link: http://www.openfusion.com.au/labs/mod_auth_tkt/
There are a couple other variation out there as well.
HTH, Aaron
Dan Horne wrote:
Thanks for your suggestion.
I know nothing about mod_perl 2, and will look at the documentation today. I do have a couple of questions:
1. Is Apache 2 and mod_perl 2 stable? It may be a silly question, as they've been around for a while, but we've been an Apache v1 shop, and I've never used mod_perl v2 at all. Heck, I've only played with mp v1 in my own time 2. Because I have to justify my investigative time to the boss, I need to know that what I want to do is possible, namely: providing a reverse proxy to an existing website, where the proxy will programmatically allow users through depending on their access rights. It's due to this authentication requirement that I can't use mod_rewrite by itself
Dan
-----Original Message-----
From: Stas Bekman [mailto:[EMAIL PROTECTED] Sent: Thursday, 12 August 2004 5:07 p.m.
To: Dan Horne
Cc: [EMAIL PROTECTED]
Subject: Re: Proxying access to restricted information
Dan Horne wrote:
Following on from this, it seems that the PerlTransHandler looked like my best bet, but it doesn't seem to be able to alter the hostname (please correct me if there is a way to do this, as I struggled with it so far)
I guess mod_rewrite allows the hostname to be altered, but I need to intercept the request and perform access checks, and I don't know if I can do this before mod_rewrite kicks in during the request lifecycle.
With mod_perl 2, you can use
http://search.cpan.org/dist/Apache-Filter-HTTPHeadersFixup/
which is perfect for proxying as it does the work long before mod_rewrite kicks in. This module is a connection level filter.
-- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
