Thanks guys!
(Michael Hanisch, Michael Robinton, Jonathan Leto)
I think the session key idea will work for me, just hoping there are a
generic solution out there. This is a typical problem why people turn to
LDAP, but LDAP is just so horrible to administer.
Regards,
Simon Wei
Hi:
ReHi
packages provided by mod_perl. However, there doesn't seems to be a
solution
to dynamically protect a directory without restarting Apache.
What I will like to do:
Store the URI Directory need to be protected in the database with the
permitted Groups.
What I have done:
Using Perl and DBI in httpd.conf, and query the database for the
directory
information every time Apache starts.
Problem:
For Authentication and Group Authorization, changes in the database will
be
reflected without restarting Apache. Not so for the URI Directory part
of
it.
Hmm, sorry if this sounds stupid, but...
What keeps you from querying the DB on every request, i.e. in a
custom-built Authen/Authz-handler?
On a site with a small userbase, the overhead should be neglectable.
Besides, you can still cache the query results in memory and expire them
after a certain time.
Or did I miss something here?
BTW: There are several modules on CPAN that do what you want (if I did get
what you want, that is ;)
Regards,
Michael.
I have thought about restarting Apache from time to time, but thinking
there
must be a "lazier" way with performance consideration.
Thanks for any comments or tips.