Re: Using system passwords with Apache

To: debian-isp@lists.debian.org
Subject: Re: Using system passwords with Apache
From: wagnerc@plebeian.com (Chris Wagner)
Date: Sun, 31 Jul 2005 21:31:12 -0400
Message-id: <[🔎] 200508010148.j711m6r01667@mail.cinternet.net>

I've been listening here a while.  The "official" way to do what u want is
to go with some Apache module or new system password handler.  But if that's
too high an obstacle there is a down and dirty way to do it.  Take the
authentication work away from Apache and do it in a CGI script.  The
password can go as a https form post so that will take care of the
encryption.  The login script on the webserver can then scan the passwd file
for the user, crypt() the password and compare it to the passwd entry.  The
login script will then set a cookie that will live for some amount of time
and serve as the authentication token for the user.  Any requests that come
in without a cookie or with an expired cookie will redirect to the login
form.  Some basic Perl or Bash scripting.  Hope that helps.







--
REMEMBER THE WORLD TRADE CENTER         ---=< WTC 911 >=--
"...ne cede males"

00000100

Reply to:

Prev by Date: Re: Using system passwords with Apache
Previous by thread: Re: Using system passwords with Apache
Next by thread: $1K a day part-time returning calls!
Index(es):
- Date
- Thread