David Knecht wrote: > This is probably a rather simple question related to single sign-on to > virtual hosts. Although I did some research I need some advice that > points me to the right direction... > > This is the environment: > > Virtual host A; Allowed users: administrator, user_a > Virtual host B; Allowed users: administrator, user_b > Virtual host C; Allowed users: administrator, user_a, user_c > > I'd like to create an administrator account using Apache's basic > authentication feature. Whenever the administrator is successfully > authenticated to one of these virtual hosts then no additional > authentication/login should be required when accessing the other virtual > hosts. The same applies to non-administrator users. Here, every > individual user is allowed to login only to explicitely assigned virtual > hosts. > > I am currently using this type of authentication definitions in every > single virtual host container of my test setup: > > ... > <Location "/xyz"> > AuthType Basic > AuthName "Virtual Host A" > AuthUserFile /etc/httpd/virtual_host_a_htpasswd > Require valid-user > </Location> > ... > > Every virtual host container is currently using its own AuthUserFile. I > assume that using one single AuthUserFile (/etc/httpd/htpasswd) for all > user definitions as well as "Require administrator user_a" etc. on every > individual virtual host is the way to go. However, I did not manage to > make the single sign-on work so far...
Something like this: - Have all vhosts use the same AuthName - Make a groups file with groups 'vhosta', 'vhostb' etc, and fill the group with the members that may use that vhost - require membership of the proper authgroup. Once you start using different authnames, you can forget SSO, since a different realm will be used for different vhosts. Joost --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
