Re: [users@httpd] Using apache as proxy with another Apache and JBoss


 




Thanks for the hint, Joshua. Forgot to mention: the session management and authentication are managed by the J2EE application. The sessions are tracked by cookies and the proxy Apache can have access to the database.

I will check the mod_auth_cookie module but I am also interested in the solution with CGI scripts. Could you send me or direct me to some examples on the internet?

Dimitar




Joshua Slive <jslive@xxxxxxxxx>
04/18/2005 12:51 PM

Please respond to: users@xxxxxxxxxxxxxxxx
To: users@xxxxxxxxxxxxxxxx
cc:
Subject: Re: [users@httpd] Using apache as proxy with another Apache and JBoss





On 4/18/05, DGeorgie@xxxxxxxxx <DGeorgie@xxxxxxxxx> wrote:
> The only obstacle we have is how to make sure that only authenticated users
> have access to the multimedia files. Any ideas?

That depends on how you are tracking sessions.

Assuming you are using cookies, the most basic option is to have
apache verify the cookie before sending the file.  There are lots of
ways to do this, including mod_auth_cookie-type modules, cgi scripts,
etc.

If that is not feasible (perhaps because the apache proxy doesn't have
access to the database containing the approved session cookies), then
you would need to design some other method to pass a session back to
apache.  An example would be cryptographically signing some random
value and putting it in the URL, then having apache check the signature
before sending the file.  This would probably require a cgi script.

The easy way out is to simply check the Referer request header, but
this would be totally insecure.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
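
The signed-URL approach Joshua describes, sketched as an added example that is not part of the original thread or of any Apache module. It assumes HMAC-SHA256 with a secret shared by the J2EE application and the proxy-side script, hypothetical query parameters `expires` and `sig`, and it signs the file path plus an expiry time rather than a bare random value so a link cannot be reused for another file or indefinitely.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed demo key. In practice this is a long random secret known only
# to the application that issues links and the script that checks them.
SECRET = b"constructed-demo-key-not-for-production"


def _mac(path, expires, key):
    # Bind the signature to exactly one file path and one expiry time.
    msg = f"{path}\n{expires}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sign_url(path, ttl, key=SECRET, now=None):
    """Application side: issue a link after the session is authenticated."""
    expires = int(time.time() if now is None else now) + ttl
    query = urlencode({"expires": expires, "sig": _mac(path, expires, key)})
    return f"{path}?{query}"


def verify_url(url, key=SECRET, now=None):
    """Proxy side: decide whether to send the file, with no database lookup."""
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    try:
        expires = int(params["expires"][0])
        sig = params["sig"][0]
    except (KeyError, ValueError):
        return False  # missing or malformed parameters
    if (time.time() if now is None else now) > expires:
        return False  # link has expired
    expected = _mac(parts.path, expires, key)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    return hmac.compare_digest(sig.encode(), expected.encode())


if __name__ == "__main__":
    link = sign_url("/media/clip.mp4", ttl=300)
    print(link, verify_url(link))
```

Changing the path, the `expires` value or the key invalidates the signature, so the verifier needs only the shared secret and a clock.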


