Thanks Eric! I wasn't aware of this module, this could work for us. The roundtrip into our app won't be a problem.
Cheers, Colin On 6 September 2013 17:12, Eric Covener <cove...@gmail.com> wrote: > On Fri, Sep 6, 2013 at 10:21 AM, Colin 't Hart <colinth...@gmail.com> > wrote: > > Hi, > > > > We have a web app written in PL/SQL (stored procedures in an Oracle > > database). We use Apache and mod_owa (a variant on the mod_plsql theme) > as > > HTTP glue. Currently we're on Apache 2.2, but upgrading to 2.4 would be > an > > option. > > > > Our app handles security itself (our own tables of users and roles); like > > all web apps, logged in users get a cookie. For the sake of this > discussion, > > let's assume our app runs under www.my.com/app > > > > Now we want to be able to serve some ordinary files using Apache to > > authenticated users (registration of downloads basically). Again, for the > > sake of discussion, assume that files are served from www.my.com/file > > > > How can we integrate this with Apache's authentication? Functionally, a > user > > logged in to our app should be able to download a file without logging in > > again elsewhere. Conversely, someone who isn't logged in trying to > download > > the file should be prompted to log in. > > > > What's the best way to achieve this? The easiest way? > > Maybe mod_xsendfile or similar? You'll still have the roundtrip into your > app. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >