Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Does Apache allow to authorize an HTTP request based on a result of a subrequest?

I'm looking for an equivalent of nginx http auth request module but for Apache.

For each incoming HTTP requests, the module sends a subrequests to authentication/authorization back-end. The auth request carries a path and all headers of the original request. Based on the result of the auth request, the original requests is allowed (HTTP code 200), denied (HTTP code 403) or login is requested (HTTP code 401). Such a generic mechanism allows to build really flexible authentication and authorization schemes.

Is something like this possible in Apache (likely with a help of some third party module)?

like image 824
Jan Wrobel Avatar asked Jul 05 '12 21:07

Jan Wrobel


People also ask

How does Apache handle request?

Requests are handled in parallel by the web server (which runs the PHP script). Updating data in the database is pretty fast, so any update will appear instantaneous, even if you need to update multiple tables.

How many types of HTTP authentications use in the Apache server?

Introduction. HttpClient supports three different types of http authentication schemes: Basic, Digest and NTLM.

What is Apache authentication?

The Apache web server allows for per-directory configuration through the use of . htaccess files. Users can password protect directories using the built-in Basic Authentication mechanism.


1 Answers

This module does just that ... http://search.cpan.org/~chansen/Authen-Simple-HTTP-0.2/lib/Authen/Simple/HTTP.pm

# or as a mod_perl Authen handler

PerlModule Authen::Simple::Apache
PerlModule Authen::Simple::HTTP

PerlSetVar AuthenSimpleHTTP_url "http://www.host.com/protected"

<Location /protected>
  PerlAuthenHandler Authen::Simple::HTTP
  AuthType          Basic
  AuthName          "Protected Area"
  Require           valid-user
</Location> 
like image 170
hpavc Avatar answered Oct 06 '22 03:10

hpavc