You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Justin Wells <jr...@semiotek.com> on 2000/01/29 09:11:15 UTC

mod_ticket

I would like to contribute this module to the Apache project:
I'm not sure what to do, so I am posting it here. If I should be 
doing something different, please tell me :-)

mod_ticket scans a URI for a digitally signed ticket and, if the
md5 signature is valid, makes it available as $TICKET in the
environment of sub-processes. The signature is generated from a
shared secret combined with the ticket value and the IP of the
remote user.

This enables several interesting things:

  -- pass authenticated traffic from one website to another if both
     sites share a secret

  -- encode unspoofable cookie-style data into a URL that can 
     survive relative linking. 

I have attached it to this message, and also posted it here:

  http://germ.semiotek.com/ticket

Full documentation of mod_ticket appears in the C source header.

Justin

Re: mod_ticket

Posted by Justin Wells <jr...@semiotek.com>.

On Sat, Jan 29, 2000 at 03:11:15AM -0500, Justin Wells wrote:
> I would like to contribute this module to the Apache project:

Oops! Sorry, I accidentally sent an older version. I have attached
the correct version to this message. My apologies.

Justin