RE: [users@httpd] Basic Authentication and mod_auth_mysql form login

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> -----Original Message-----
> From: YEL [mailto:atlasloewenherz@xxxxxxxxxxxxxx]
> Sent: Mittwoch, 5. Oktober 2005 00:37
> To: users@xxxxxxxxxxxxxxxx
> Subject: [users@httpd] Basic Authentication and mod_auth_mysql form
> login
> 
> 
> hello everyone,
> 
> i'm using apache2 tomcat5 mod_jk
> 
> i set Basic authentication with mod_auth_mysql to have my users
> authenticated on a mysql DB.
> 
> users who try to access restricted areas are than prompted with the
> standard browser identification pop up window to log in everything
> works fine and my boss was happy with
> 
> a couple of days ago  he change his mind and wanted now a log in page
> instead of pop up...
> 
> now i know the first thing to think about is to use a script wich
> authenticate my users on the same database and "inject"  a peace of
> code in each page to check the session and ...

I think you're talking about cookies...

A cookie is not really added to the page, rather it is sent to the browser as part of the response (it is in a header). The browser then sends the same cookie back with any subsequent requests in the same "realm" (ie, same URL-space). When the server sees the cookie coming back (again, in a header), it knows that the client is already authenticated and so serves the new content.

You can generate and handle cookies in apache:
http://httpd.apache.org/docs/2.0/mod/mod_usertrack.html

or in Tomcat (depends on your servlet environment - do you have cocoon?)

Using cookies gives you far more control over the user-login and is safer. But it's more work to set up. If you're not too familiar with it, I'd say a couple of weeks to get it all singing and dancing. Maybe if you tell that to your boss, he'd change his mind back again...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 



> 
> but since we are serving at lease  8000 static content which are
> generated based on word documents ... this issue becomes a bit
> horrible for me and i dont have enough time to deal with this and i'm
> out of ideas i'd really would apreciate any good ideas which may gets
> me out this trouble im in now
> 
> i wich you all a good night and
> 
> Greetings from Cologne
> 
> --
> (e==mc²)?
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux