You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ari Ravieshanker <ar...@gmail.com> on 2005/08/06 05:13:55 UTC
[users@httpd] Apache authentication
Hi,
I have a dilema and can someone please help me in the right direction.
I have an application that relies on apache authentication (Basic or
other). So any user wants to use that application can login and use
this application. I have a new client request that they will login to
their portal (not apache), and will come to our site with a url click.
They shoudln't be re-authenticating to use the application. We need to
figure out the request and somewhat write a header credintials
information on the HTTP header.
How is this acheivable
Thanx in advance
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache authentication
Posted by Joshua Slive <js...@gmail.com>.
On 8/5/05, Ari Ravieshanker <ar...@gmail.com> wrote:
> Hi,
> I have a dilema and can someone please help me in the right direction.
>
> I have an application that relies on apache authentication (Basic or
> other). So any user wants to use that application can login and use
> this application. I have a new client request that they will login to
> their portal (not apache), and will come to our site with a url click.
> They shoudln't be re-authenticating to use the application. We need to
> figure out the request and somewhat write a header credintials
> information on the HTTP header.
>
> How is this acheivable
The only part of an HTTP request that the server has real control over
is the request line (the URL) and the cookie (and possibly the request
body if you are doing a POST). Since the two sites are probably in
different domains and hence can't share a cookie, the only choice is
to embed the credentials in the URL in some manner.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org