Re: Queries regarding the feasibility of achieving a use-case with HTTPD

[Ajay Garg <ajaygargnsit@xxxxxxxxx>]

Thanks Pete for the reply.

One question regarding the module at http://home.digithi.de/digithi/dev/mod_auth_cookie_mysql/ ::

it says that "Additionally nobody can "hack" the system by manipulating the cookie values because they are only valid for one session".

Does that mean that once the user exits the window, the user will be required to authenticate/login again? Or "one session" here means the time-until-which-user-explicitly-logs-out (which may run into days)?

This question is very important for our use-case, because we intend to truly implement an "almost" Single-Sign-On (I say "almost", because the user shouldn't need to login, until the cookie expires, say in 30 days).

Will be grateful for clearances :)

On Sun, Aug 25, 2013 at 3:20 PM, Pete Houston <ph1@xxxxxxxxxxxxxxxx> wrote:

On Sat, Aug 24, 2013 at 04:44:46PM +0530, Ajay Garg wrote:
> Is the above workflow possible by merely using HTTPD, or some form of
> external proxy-software (like "squid") is required?

Yes, this is possible with just httpd.

> If it is indeed possible to achieve the above with just HTTPD, I will be
> grateful if you could let me know how to add redirections, so that
> any URL goes via the "login.php" in-between (of course, if the user has
> already authenticated once, he is taken directly to the URL).

Do not use redirections - use the proper authnz mechanisms instead.
For a worked example of how to do it correctly see
http://home.digithi.de/digithi/dev/mod_auth_cookie_mysql/

Pete
--
Openstrike - improving business through open source
http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107

--
Regards,
Ajay