Hi Michael
I think it depends on your SSO app, more specifically what standards it
supports.
For example you could use /mod_auth_kerb//and //mod_auth_gssapi
/https://active-directory-wp.com/docs/Networking/Single_Sign_On/Kerberos_SSO_with_Apache_on_Linux.html
https://wiki.centos.org/HowTos/HttpKerberosAuth
Another possibility might be to use JWT
https://www.miniorange.com/apache-adfs-single-sign-on(sso)
or
https://github.com/zmartzone/mod_auth_openidc
Also have a look at
https://httpd.apache.org/docs/trunk/howto/auth.html
I am not sure what other possibilities exist which work together with
your SSO app, but it might be less effort to just move your
documentation into your app servers.
HTH
Michael
Am 20.05.21 um 06:46 schrieb Michael D.:
Hello user group.
I maintain a website that authenticates users through an internal
single-sign-on app.
I have a documentation page that is publically viewable but I only
want it viewable after authentication. I've looked into .htaccess but
I don't want a separate login process for users to view documentation.
I want them to be able to login through our internal SSO and
automatically have access to those documents that are currently stored
on the web server.
Is this possible to do through Apache or should these static
documentation pages be put on our app servers and then served up for
authenticated users?
I'm not finding a way to avoid a second authentication process just to
view documentation that is private info for only authorized users
(Fyi we have thousands of users that need access to this documentation.)