Peter Schober wrote:
* André Warnier <a...@ice-sa.com> [2009-05-11 19:24]:
in all kinds of applications that can run under Apache, to obtain a
user-id ? The answer is basically no, because Apache (and HTTP) do not
define such a standard mechanism.
Support for REMOTE_USER is not so bad, I'd say.
Well, REMOTE_USER is a cgi environment variable. It is only set for
applications that run as cgi-bin's.
Without being absolutely certain, I would assume that any of the
standard mod_auth* modules supplied with Apache would, after
authentication, set the user-id into some field of the internal Apache
request record.
So theoretically (if it was set), any program/module running under
Apache /could/ obtain this authenticated user-id from Apache, by reading
it from this internal request record, presuming they had an interface to
do so.
The question is, do they ?
The question is also, do all of these other add-on authentication
modules set this same field in the internal Apache record ?
They are certainly not obliged to by any RFC I've read.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
