|
Is there an apache authentication module that does the following? 1) Within the
apache configuration a user would identify what URLs are secure. 2) When a user
tries to access content that is secured for the first time the module redirects
the user to a common authentication server. The original requested URL is
attached to the end of the redirected URL. 3) The user
then sees a web authentication page that they authenticate through. Once
they authenticate the authentication web server redirects the user back to the
original URL. 4) The apache
module then knows that they have authenticated because of cookies that are set
with particular values, etc… I have seen this type of approach used at a few large
companies where authentication needs to be handled only through one central
service/department. Then other departments can develop web
sites/applications without having to know the details about the authentication
process behind the seen. Is there currently a module like this? If not would
this be something that the apache project might be interested in? The
current modules look like they trigger either OS or browser authentication
windows. Thanks, Lance Campbell Project Manager/Software Architect Web Services at Public Affairs 217.333.0382 http://webservices.uiuc.edu |
|