Hi,
in my last mail, I had asked how to get context for incoming requests. meanwhile studying replies, I got familiar with apache/selinux plus which labels threads based on identity of user. but I can not understand how users are authenticated from http requests. who does this authentication ( is it a service special to apache/httpd that analyzes http requests) ? I think, an http request in normal form does not contain any information by which remote user can be authenticated.
may some one explain me more or redirect me to some resources that clarify things more?
Best regards.
