[users@httpd] Modifying Headers Programmatically

["Muggeridge, Matt" <ma...@hpe.com>]

I have an app that runs on frontend- and backend-servers.  Customers login to the frontend-server and the same credentials are used for various apps available on the backend-servers.  From within their session on the frontend-server, they select an app on the backend server, whereupon they automatically log into the backend-server app, using the same credentials.  (Easy enough, so far).

For better security, I do not want to store username/password in the browser, but rather I'd like to store them on the frontend-server. (No so easy now).

Now, when the customer requests a backend-server app, the frontend-server needs to intercept the request, lookup the user's previously stored credentials, then attach their credentials as headers, and finally send the modified request to the backend-server app.

I envision that on the frontend server, I will need an external program to store and lookup user-credentials.  How can Apache be configured to call an external program (filter?) and then how do I pass the values back to Apache (maybe environment variables?), before finally modifying the request and passing it onto the backend-server app.

I'll be glad for any pointers.

Matt.
PS: So far, I've read through handlers, filters, proxy options, asis, and more.  I'm beginning to think this might require my own module???