Basic Apache authentication using cookies

Michael James michael at
Fri Mar 8 23:42:56 EST 2002

I have a pair of webservers that need to handle user authentication together.

The secure server will handle a user/password database and r/w operations.

The web server, which has less critical data
 will refer any unrecognized users to the secure server.

Once a user is logged in, the secure server will set a cookie
 with a generic user say "member" and password-du-jour.

Then it executes the "where_to_next" cookie set by the web server
 and bounces it back.
Now the cookie is in place, access is permitted.

Not hugely secure, but enough for the type of data in question.

So I need an Apache module that will implement cookie based authentication.

There are lots,
 one that immediately suggests itself is "Cookie authentication"
 which provides "Fake basic authentication using cookies"

Anyone had experience with this sort of thing?


A right not exercised is a privilege
a privilege not exercised is illegal.

Michael James			michael at
8 Brennan St			Phone: +61 2 6247 2556
Hackett, ACT 2602		Mobile: +61 4 1747 4065
AUSTRALIA			Fax: +61 2 6278 0011

More information about the linux mailing list