Quoting Mark Montague <m...@catseye.org>:
On June 8, 2011 15:50 , dhottin...@harrisonburg.k12.va.us wrote:
I currently use .htaccess to prompt for username and password and
point it to an ldap database running on my mailserver. Im
considering moving all my mail accounts to gmail. Does anyone know
if it is possible to authenticate with .htaccess pointing to gmail
for info?
It might be better to have your web application (WordPress, Drupal,
whatever) authenticate the user via OAuth2 or OpenID using the user's
Google account, instead of having Apache authenticate the user. I have
successfully done this, and can vouch that it works.
If you are only serving static content (that is, if you are not running
a web application) or if you have another reason to want Apache HTTP
Server to do the authentication itself, then take a look at
mod_auth_openid. I have never tried using it myself, so I don't know
if it will meet your needs or not. See
http://findingscience.com/mod_auth_openid/ Keep in mind that this
will allow anyone to whom Google has issued credentials to
authenticate; you'll likely need to add some sort of authorization in
order to restrict access to the subset of authenticated users who you
actually wish to grant access to.
A pedantic point: .htaccess does not "authenticate" anything, it's
just an alternative way of specifying configuration directives, as
opposed to requiring all configuration directives to be in the main
configuration file (e.g., httpd.conf). If you specify authentication
directives in .htaccess, it is actually httpd that performs the
requested authentication.
--
Mark Montague
m...@catseye.org
Thanks Mark. I appreciate the info. I also realize that apache isnt
authenticating, thanks for the pointer there.
as always very appreciative of any help,
ddh
--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools
"Everything should be made as simple as possible, but not simpler."
-- Albert Einstein
"The hottest places in Hell are reserved for those who, in times of moral
crisis, preserved their neutrality."
-- Dante
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
