Hello all, How can I authenticate a user to both a servlet web application AND to Apache (1.3.9 running on NT) but only require that the user log in once? Here's the situation: Like most websites, we have a "members only" area that only registered members can access. So I have implemented a "log-in servlet" that drops a cookie onto the client upon a successful login. Any servlet first checks for that cookie before serving up any "members only" content. This strategy works well for dynamically generated pages... but I also want to serve up some pages that are 100% static (e.g. FAQ's, help pages, legal babble, etc). Since these pages are 100% static, using Apache + SSI is ideal... but I can't figure out how to authenticate the user to Apache without forcing the user to log-in again (but this time to Apache). Can this be done? I can get servlet/cookie authentication to work, and I can get Apache authentication to work as well... but it seems like there's no way to share authentication information between the two. I've already looked at several Apache modules for authentication (mod_access, mod_auth & mod_auth_db), but none of them seem to provide the desired functionality. Any ideas? ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
