Re: One-Time authentificaton for multiple servers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 2007-09-25 10:53:46, schrieb Rachel Anderson-Barrios:
> Michelle,
> 
> I am not an apache expert.  However, it sounds like you need an actual
> programming to do what you would like to do.
> 
> >From the sounds of it, you would need to have a central program which
> would check authentication every time the user made a request.  If the

Right, this is possibel, because the Website (authenticated part)
is php-cgi driven and it is only a small additional code sniplet.

> user wasn't logged in, it would throw an error sending them to a logon
> screen.  If they were logged in, it would update its internal 'logout
> time'.  It would have an independent thread which would check the list
> every few minuets, checking the 'logout time' with the 'current time'
> and remove anyone from that list who is past due.

My idea was, if a $USER log in the first time, it authenticate against
the PostgreSQL, and then my script create a local temp file with the
$USER name.  Each time the $USER access a new page, the script check,
whether the file is there and update the "atime" (for example), if the
file is not there, the script redirect the $USER to re-authenticate.

Now I need a second script, which check the $TMP folder for the created
$SER name files and check each against the PostgreSQL but cache the
results (timeout) local.  If a page was accessed inside the timeout,
then it update the new timeout on the PostgreSQL or better, on the
PostgreSQL server but not inside the database...

So, if now the server change dynamicaly, it look at the PostgreSQL server
whether a cached file from another Server is there and if not, it enforce
an authentification otherwise it will update the timestamp local.

> I would use the postgreSQL DB to authenticate the user, but not to
> update their status.  Your program should cache them into it's memory to
> save on read-write to the database.

Right...

> We use something quite similar in our applications.

I was thinking, there is something I can use for it without reinventing
the wheel.

Thanks, Greetings and nice Day
    Michelle Konzack
    Systemadministrator
    Tamay Dogan Network
    Debian GNU/Linux Consultant


-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack   Apt. 917                  ICQ #328449886
                   50, rue de Soultz         MSN LinuxMichi
0033/6/61925193    67100 Strasbourg/France   IRC #Debian (irc.icq.com)

Attachment: signature.pgp
Description: Digital signature


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux