Is there an apache authentication module that does the following?
1) Within the apache configuration a user would identify what URLs are secure. 2) When a user tries to access content that is secured for the first time the module redirects the user to a common authentication server. The original requested URL is attached to the end of the redirected URL. 3) The user then sees a web authentication page that they authenticate through. Once they authenticate the authentication web server redirects the user back to the original URL. 4) The apache module then knows that they have authenticated because of cookies that are set with particular values, etc... I have seen this type of approach used at a few large companies where authentication needs to be handled only through one central service/department. Then other departments can develop web sites/applications without having to know the details about the authentication process behind the seen. Is there currently a module like this? If not would this be something that the apache project might be interested in? The current modules look like they trigger either OS or browser authentication windows. Thanks, Lance Campbell Project Manager/Software Architect Web Services at Public Affairs University of Illinois 217.333.0382 http://webservices.uiuc.edu
