I am trying to configure shttpd as engine in an agent that processes ssi or cgi requests from daemons running on remote hosts.
I know there are several techniques I can use for handling the back-end (standard cgi.php or embedded app with integrated ssi) .. that is not the problem. I am struggling with a good mechanism to handle the authentication part of the equation so I can use secure socket rather than http, and automating the logon so that the daemon that requests information can log on via a predefined port number, post the form with the command to the remote shttpd agent, then log off. The CVS version 1.41 can certainly be configured to listen on multiple ports, and have it's own global password file that it can authenticate against, and if I really wanted to be sneaky I could script something that generated unique auth_realm and -ssl_cert that was married to the unique DNS name of each remote system, and take advantage of the -acl option to limit requests to the host(s) that are running management daemons. My biggie question, how should I structure the HTML requests/responses from both sides so this is fully automated and transparent. (I can add a layer of encrypting the CGI payload for added protection or establishing a socket outside the shttpd framework for added security later ... for now, how in the heck to I structure the HTML headers/body to authenticate ? Regards David ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ shttpd-general mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shttpd-general
