Basic Apache authentication using cookies
michael at james.st
Fri Mar 8 23:42:56 EST 2002
I have a pair of webservers that need to handle user authentication together.
The secure server will handle a user/password database and r/w operations.
The web server, which has less critical data
will refer any unrecognized users to the secure server.
Once a user is logged in, the secure server will set a cookie
with a generic user say "member" and password-du-jour.
Then it executes the "where_to_next" cookie set by the web server
and bounces it back.
Now the cookie is in place, access is permitted.
Not hugely secure, but enough for the type of data in question.
So I need an Apache module that will implement cookie based authentication.
There are lots,
one that immediately suggests itself is "Cookie authentication"
which provides "Fake basic authentication using cookies"
Anyone had experience with this sort of thing?
A right not exercised is a privilege
a privilege not exercised is illegal.
Michael James michael at james.st
8 Brennan St Phone: +61 2 6247 2556
Hackett, ACT 2602 Mobile: +61 4 1747 4065
AUSTRALIA Fax: +61 2 6278 0011
More information about the linux