httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Beattie <oli...@obeattie.com>
Subject Re: [users@httpd] Custom authentication?
Date Tue, 04 Jan 2011 11:30:04 GMT
Thanks for your quick reply… unfortunately I can't set a cookie. Another
machine (different domain) is redirecting the user to this server (auth
happens on that server) and this server is in effect acting as (one of
several identically-configured) mirrors. However, it may be possible to
redirect them to a location on the mirror that sets the cookie?

—Oliver


On 4 January 2011 11:28, Mark Watts <m.watts@eris.qinetiq.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 01/04/2011 11:19 AM, Oliver Beattie wrote:
> > Hi there,
> >
> > I am sure this question has likely been asked many times before, I'm
> > just having a bit of a hard time finding answers.
> >
> > Basically, I need to be able to authenticate downloads based on a URL
> > signature if present (passed as a query parameter), instead of via Basic
> > authentication (I need to support both of these, but bypass the basic
> > auth if no signature is present). It isn't a requirement that they live
> > at the same path, so they can be at different virtual hosts/directories
> > if necessary.
> >
> > At first, I thought the best way to do this would be just through a
> > simple CGI/WSGI/whatever, but the files I am authenticating access to
> > are very large (many GB) and I fear there may be a performance
> > implication of doing this (and things like Range requests won't be
> > possible without extra work).
> >
> > Has anyone had any experience with this? What is the best way to
> > proceed? Any help anyone could give would be very much appreciated :)
> >
> > —Oliver
>
> After authentication, set a cookie with a sensible lifetime (~1 day).
> If the cookie is set and valid allow the download, otherwise redirect to
> the login page.
>
> Mark.
>
> - --
> Mark Watts BSc RHCE
> Senior Systems Engineer, MSS Secure Managed Hosting
> www.QinetiQ.com
> QinetiQ - Delivering customer-focused solutions
> GPG Key: http://www.linux-corner.info/mwatts.gpg
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk0jBFUACgkQBn4EFUVUIO2+lACg25ZDyyLlcM5B6KYU+zB5k/6d
> 23kAn0eWbv+M4Z9vpWWo9yD8TeJl5aiI
> =sGQx
> -----END PGP SIGNATURE-----
>

Mime
View raw message