Dear Experts,I am in the process of migrating a system from 2.0 to 2.2 and need some advice about how to make PostgreSQL authentication work in the new system.
In the old system, I used mod_auth_pgsql from the Debian package. I understand that the new auth framework in 2.2 provides database-backed authentication in a set of core modules. But there are a couple of issues:
- Caching is essential in my application. I don't believe that the new modules provide this, do they? (I mean caching of the actual credentials, not just keeping the database connection open.) This is something that was provided by the old mod_auth_pgsql, though it suffered from keeping one cache per request-handling thread/process. I notice that there is a mod_authn_cache here: http://mod-auth.sourceforge.net/docs/mod_authn_cache/. However, this doesn't seem to have been worked on for a while and is still 'in development'. Does anyone know anything about the status of this module?
- Having said that caching is essential, mod_auth_pgsql suffered from not flushing its cache when the database changed. In my case, this means that when users change their password the system will be broken for a while as some of the request-handling threads/processes will cache the old password and some will cache the new one. Does mod_authn_cache have the same issue? The fix for this would be to use PostgreSQL's asynchronous notification mechanism to clear the caches when a password is changed. When I first considered moving to 2.2 I posted something about this here: http://thread.gmane.org/gmane.comp.apache.devel/23903/focus=23904. At that time I decided to stick with 2.0.x in the hope that someone else would fix the problem - I don't suppose anyone has, have they?
Any suggestions about how to proceed would be much appreciated. Regards, Phil. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx