mod_auth_token 1.0.1 review

Download
by rbytes.net on

mod_auth_token module uses token based authentication to secure downloads and prevent deep-linking. Have your PHP script or servle

License: The Apache License 2.0
File size: 327K
Developer: Mikael Johansson
0 stars award from rbytes.net

mod_auth_token module uses token based authentication to secure downloads and prevent deep-linking.

Have your PHP script or servlet generate the to authenticate the download. Apache can then treat the download request like a normal file transfer without having to pipe the file through a script in order to add authentication.

You can find downloads, daily snapshots and support information at http://www.synd.info/

Usage:

The token is an hex-encoded MD5 hash of the secret password, relative file path and the timestamp. It is encoded onto the URI as:

< uri-prefix >< token >/< timestamp-in-hex >< rel-path >

For example

/protected/dee0ed6174a894113d5e8f6c98f0e92b/43eaf9c5/path/to/file.txt

where the token is generated as

md5("secret" + "/path/to/file.txt" + dechex(time_now()))

with the following configuration in httpd.conf

< Location /protected/ >
AuthTokenSecret "secret"
AuthTokenPrefix /protected/
AuthTokenTimeout 60
< /Location >

The actual file would should be located in

/protected/path/to/file.txt

Requirements:
Apache 1.3.x

mod_auth_token 1.0.1 keywords