On June 8, 2011 15:50 , dhottin...@harrisonburg.k12.va.us wrote:
I currently use .htaccess to prompt for username and password and point it to an ldap database running on my mailserver. Im considering moving all my mail accounts to gmail. Does anyone know if it is possible to authenticate with .htaccess pointing to gmail for info?
It might be better to have your web application (WordPress, Drupal, whatever) authenticate the user via OAuth2 or OpenID using the user's Google account, instead of having Apache authenticate the user. I have successfully done this, and can vouch that it works.
If you are only serving static content (that is, if you are not running a web application) or if you have another reason to want Apache HTTP Server to do the authentication itself, then take a look at mod_auth_openid. I have never tried using it myself, so I don't know if it will meet your needs or not. See http://findingscience.com/mod_auth_openid/ Keep in mind that this will allow anyone to whom Google has issued credentials to authenticate; you'll likely need to add some sort of authorization in order to restrict access to the subset of authenticated users who you actually wish to grant access to.
A pedantic point: .htaccess does not "authenticate" anything, it's just an alternative way of specifying configuration directives, as opposed to requiring all configuration directives to be in the main configuration file (e.g., httpd.conf). If you specify authentication directives in .htaccess, it is actually httpd that performs the requested authentication.
-- Mark Montague m...@catseye.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
