You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Perl Whore <wh...@gmail.com> on 2009/12/14 13:04:58 UTC
[users@httpd] mod_proxy auth from PHP?
Here is the situation:
I have a php login page at https://login.mydomain.com and an internal
server listening only on localhost http://localhost:12345
I want mod_proxy to send to the internal server only if auth was
successful from the php login page. The user/pass can be in the .php
file itself like if $_POST['password'] = 'abc' because it's just for a
single user and I don't require a database although I don't really
mind using SQLite if mod_proxy requires that I do.
Is this possible (I guess nothing is impossible)? If so, which
authentication module should I be looking into to achieve this?
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_proxy auth from PHP?
Posted by Devraj Mukherjee <de...@gmail.com>.
On Mon, Dec 21, 2009 at 1:24 PM, Perl Whore <wh...@gmail.com> wrote:
> Ah, thanks. This is a good idea. I didn't know about mod_auth_memcookie.
>
> Yes, it'll be great if you share your configuration so I can have a
> better understanding.
>
The following is what my configuration sort of looks like (very
similar to the example that ships with the module). Ensure that you
put login.php in a directory that is accessible outside your protected
area.
In case of reverse proxies you can do this by
ProxyPass /url !
Needless to say you will need memcached and memcache support in PHP.
<Location />
Auth_memCookie_CookieName myauthcookie
Auth_memCookie_Memcached_AddrPort 127.0.0.1:11000
# to redirect unauthorized user to the login page
ErrorDocument 401 "/gestionuser/login.php"
# to specify if the module are autoritative in this directory
Auth_memCookie_Authoritative on
# must be set without that the refuse authentification
AuthType Cookie
# must be set (apache mandatory) but not used by the module
AuthName "My Login"
</Location>
--
"The secret impresses no-one, the trick you use it for is everything"
- Alfred Borden (The Prestiege)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_proxy auth from PHP?
Posted by Perl Whore <wh...@gmail.com>.
Ah, thanks. This is a good idea. I didn't know about mod_auth_memcookie.
Yes, it'll be great if you share your configuration so I can have a
better understanding.
On Mon, Dec 21, 2009 at 6:21 AM, Devraj Mukherjee <de...@gmail.com> wrote:
> On Mon, Dec 14, 2009 at 11:04 PM, Perl Whore <wh...@gmail.com> wrote:
>> Here is the situation:
>>
>> I have a php login page at https://login.mydomain.com and an internal
>> server listening only on localhost http://localhost:12345
>>
>> I want mod_proxy to send to the internal server only if auth was
>> successful from the php login page. The user/pass can be in the .php
>> file itself like if $_POST['password'] = 'abc' because it's just for a
>> single user and I don't require a database although I don't really
>> mind using SQLite if mod_proxy requires that I do.
>>
>
> This is easier done using Basic authentication with the choice of many
> backends, like RDBMS or LDAP, but I am assuming that you want to use
> form based authentication for whatever reason.
>
>> Is this possible (I guess nothing is impossible)? If so, which
>> authentication module should I be looking into to achieve this?
>>
>
> I answered a similar question before, where the user was trying to get
> mod_auth_form going for Apache 2.2
>
> We implemented something similar using mod_auth_memcookie
> (http://authmemcookie.sourceforge.net/) and you can use your own for
> to do the authentication.
>
> Let me know if you want me to share configurations etc.
>
> --
> "The secret impresses no-one, the trick you use it for is everything"
> - Alfred Borden (The Prestiege)
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_proxy auth from PHP?
Posted by Devraj Mukherjee <de...@gmail.com>.
On Mon, Dec 14, 2009 at 11:04 PM, Perl Whore <wh...@gmail.com> wrote:
> Here is the situation:
>
> I have a php login page at https://login.mydomain.com and an internal
> server listening only on localhost http://localhost:12345
>
> I want mod_proxy to send to the internal server only if auth was
> successful from the php login page. The user/pass can be in the .php
> file itself like if $_POST['password'] = 'abc' because it's just for a
> single user and I don't require a database although I don't really
> mind using SQLite if mod_proxy requires that I do.
>
This is easier done using Basic authentication with the choice of many
backends, like RDBMS or LDAP, but I am assuming that you want to use
form based authentication for whatever reason.
> Is this possible (I guess nothing is impossible)? If so, which
> authentication module should I be looking into to achieve this?
>
I answered a similar question before, where the user was trying to get
mod_auth_form going for Apache 2.2
We implemented something similar using mod_auth_memcookie
(http://authmemcookie.sourceforge.net/) and you can use your own for
to do the authentication.
Let me know if you want me to share configurations etc.
--
"The secret impresses no-one, the trick you use it for is everything"
- Alfred Borden (The Prestiege)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org