Hi, everyone,
We're using Apache as a proxy. One of the applications we want to make
available to users doesn't integrate with our authentication method, so
we were wondering if we could have Apache contact an authentication
process before proxying to this application.
Some background: Our applications are typically written in Ruby and
Python. There is a central authentication server that we've written (no
way around this now) that these applications all check in with. We now
want to run JasperReports, however, of course, we want to have this same
security system in place. We are investigating modifying Jasper server,
but we thought that a more general solution would be if we could get the
proxy (Apache) to contact the authentication server.
What would be great would be is if a user requested
http://server/jasper/report1, then Apache would send cookie and URL
information to a script (written in Python or Ruby, ideally) which would
take this information and pass it along to the authentication server. If
the user is authorized, then Apache would allow the proxy request.
Otherwise, it would be redirected to a login page or something.
I thought about using rewritemap of mod_rewrite. This might work, but
I'm not sure how we would get cookie information and the URL to the
script (unless we arranged for the URLs to include the cookie information).
Thanks for any suggestions!
Jen
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
