Dustin,
As long as you're willing to accept the risks, it might be possible to write
a simple redback authentication provider that simply uses the sent header
information. Authorization, as Brett mentioned, is still something you'll
have to handle at the application level.
Brent
On Wed, Apr 13,
Unfortunately, only the /repository/ section uses basic auth headers - so it
might work for those, but not the webapp that relies on cookies being set. Even
so, you'd have to hook it up to LDAP for the user details. At present, we don't
store any roles in LDAP - they are always in the Archiva us
Hello all,
Our httpd hosts a large variety of web applications using various technologies,
including a mod_jk proxy to Tomcat, where archiva is hosted. It also protects
everything with SSL and mod_sspi, meaning that users get an authentication
prompt and use their domain credentials to log in.
