httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <>
Subject Re: [users@httpd] How to integrate Apache's authentication with my app's?
Date Fri, 06 Sep 2013 15:12:11 GMT
On Fri, Sep 6, 2013 at 10:21 AM, Colin 't Hart <> wrote:
> Hi,
> We have a web app written in PL/SQL (stored procedures in an Oracle
> database). We use Apache and mod_owa (a variant on the mod_plsql theme) as
> HTTP glue. Currently we're on Apache 2.2, but upgrading to 2.4 would be an
> option.
> Our app handles security itself (our own tables of users and roles); like
> all web apps, logged in users get a cookie. For the sake of this discussion,
> let's assume our app runs under
> Now we want to be able to serve some ordinary files using Apache to
> authenticated users (registration of downloads basically). Again, for the
> sake of discussion, assume that files are served from
> How can we integrate this with Apache's authentication? Functionally, a user
> logged in to our app should be able to download a file without logging in
> again elsewhere. Conversely, someone who isn't logged in trying to download
> the file should be prompted to log in.
> What's the best way to achieve this? The easiest way?

Maybe mod_xsendfile or similar?  You'll still have the roundtrip into your app.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message