On 4/24/07, Erez Segal <segalerez@xxxxxxxxx> wrote:
The user will still have to login twice... I'm sure it's possible. I've seen at http://www.apacheweek.com/features/userauth the following quote: "It is also possible to have an arbitrary external program check whether the given username and password is valid (this could be used to write an interface to check against any other database or authentication service)." the question is how to do it...
Sure, that can be done with mod_auth_external. But then you are really talking about an external process that will need to be forked. I think you haven't fully defined your problem. Are you looking to protect some static resources without popping up the http auth window? Then mod_auth_external won't work. You need something more along the lines of one of the cookie auth modules available from http://modules.apache.org/. Or, more simply, just serve the static content via your php scripts. Not quite as efficient, but a lot simpler if you already have session handling built with php. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|