You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Zohreh and Anthony Romano <ro...@attbi.com> on 2002/08/24 15:01:38 UTC
Newbie - URL rewriting question(i think)
Hello,
trying to accomplish something more than likely beyond my current
understanding of Apache, but here it goes any way....
Setup for discussion:
server: www.test-server.com
Doc root: /home/httpd/htdocs
userdir: /home/joes_dir/public_html
directory structure of web site:
~joesdir/www_joe
......../www_joe/cgi-bin
......../www_joe/data
......../www_joe/html
......../www_joe/images
Here is what I would like to do. For starters I have checked online sources
for this but they seem to not cover this topic as well as I like.
The basic idea is that a user logs in, but not by way of apache auth, just a
simple form that checks against a db. creates a cookie with a md5 checksum.
The /data directory holds some files. These files I would like to make
accessible, but I would like to hide/restrict it as best as possible. So
that only access from a url that I provide can gain access.
My thoughts were that I could use the md5 in the cookie and rewrite the url
somehow to include the md5, then have a small perl app in the /data dir that
is an external map, that validates access somehow.
But, once again, I am not sure if this is possible. In general here is the
url I would like to generate:
http://www.test-server.com/AAIBQugDAABBZzbtJQGAwARub3JtUAUAAABSsQMAAFEKAAAAU
kCJhL/path/to/file
I have seen some sites have this type of url. And I would like to implement
it. I know perl, and can work my way around Apache to an extent.
Any help would be appreciated.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: Newbie - URL rewriting question(i think)
Posted by Zohreh and Anthony Romano <ro...@attbi.com>.
Thanks. I will checkout these links.
-----Original Message-----
From: Jim Kipp [mailto:jkipp5@comcast.net]
Sent: Saturday, August 24, 2002 10:04 AM
To: users@httpd.apache.org
Subject: Re: Newbie - URL rewriting question(i think)
>
> Here is what I would like to do. For starters I have checked online
sources
> for this but they seem to not cover this topic as well as I like.
>
> The basic idea is that a user logs in, but not by way of apache auth, just
a
> simple form that checks against a db. creates a cookie with a md5
checksum.
Here are some links that may help:
http://www.perldoc.com/cpan/Apache/AuthCookie.html
http://sec.ure.org/apache_auth.shtml
http://aspn.activestate.com/ASPN/CodeDoc/Apache-AuthCookieDBI/AuthCookieDBI.
html
Hopefully you have mod_perl
> The /data directory holds some files. These files I would like to make
> accessible, but I would like to hide/restrict it as best as possible. So
> that only access from a url that I provide can gain access.
Watch you permissions
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: Newbie - URL rewriting question(i think)
Posted by Jim Kipp <jk...@comcast.net>.
>
> Here is what I would like to do. For starters I have checked online
sources
> for this but they seem to not cover this topic as well as I like.
>
> The basic idea is that a user logs in, but not by way of apache auth, just
a
> simple form that checks against a db. creates a cookie with a md5
checksum.
Here are some links that may help:
http://www.perldoc.com/cpan/Apache/AuthCookie.html
http://sec.ure.org/apache_auth.shtml
http://aspn.activestate.com/ASPN/CodeDoc/Apache-AuthCookieDBI/AuthCookieDBI.
html
Hopefully you have mod_perl
> The /data directory holds some files. These files I would like to make
> accessible, but I would like to hide/restrict it as best as possible. So
> that only access from a url that I provide can gain access.
Watch you permissions
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org