[2532] in WWW Security List Archive
Re: Apache authentication module
daemon@ATHENA.MIT.EDU (Nathan Neulinger)
Thu Jul 25 16:07:53 1996
To: shollatz@d.umn.edu (scott hollatz)
Date: Thu, 25 Jul 1996 11:01:38 -0500 (CDT)
From: "Nathan Neulinger" <nneul@umr.edu>
Cc: www-security@ns2.rutgers.edu, shollatz@d.umn.edu
In-Reply-To: <199607251425.JAA05732@borg.d.umn.edu> from "scott hollatz" at Jul 25, 96 09:25:39 am
Errors-To: owner-www-security@ns2.rutgers.edu
> There are two approaches: write a correct module following the Apache API or
> hack the server code to open a pipe to a tacacs client.
>
> I am favoring the latter because the Apache API documentation isn't clear.
> In either case, it's not clear to me (after 20 minutes of looking) where
> the Apache Basic authentication begins in the source code (I have a good idea).
>
> Ideally, I would like to create a new authentication type: AuthType tacacs .
>
> My question to the list is: does anyone have experience writing modules
> (in particular, authentication modules) for the Apache HTTP server?
Writing apache modules is relatively simple.
You cannot create a new "authType"... That requires the browser be
modified...
If you are looking for a straightforward way of doing this, you can 1.
get my ExternalAuth module from the module registry, or 2. Make a copy of
one of the current auth modules, and modify it...
-- Nathan
------------------------------------------------------------
Nathan Neulinger Univ. of Missouri - Rolla
EMail: nneul@umr.edu Computer Center
WWW: http://www.umr.edu/~nneul SysAdmin: rollanet.org
