Auth MemCookie 1.0 review
DownloadAuth MemCookie is an Apache v2 authentification and authorization modules are based on "cookie" authentification mecanism. The mo
|
|
Auth MemCookie is an Apache v2 authentification and authorization modules are based on "cookie" authentification mecanism.
The module don't make authentification by it self, but verify if authentification "the cookie" are valid for each url protected by the module. The module validate also if the "authentificated user" have authorisation to acces url.
Authentification are made externaly by an authentification form page and all authentification information nessary to the module a stored in memcached indentified by the cookie value "authentification session id" by this login page.
How it Works
Phase 1 : The login Form
Authentification are made by a login formular page.
This login page must authenticate the user with any authenticate source (ldap, /etc/password, file, database....) accessible to langage of the page (php, perl, java... an ldap login page sample in php are in samples directory).
Then must set cookie that contain only a key the "authentification unique id" of the "authentification session".
The login page must store authorisation and user information of the authenticated user in memcached identified by the cookie key "authentification unique id".
The login page can be developted in any langage you want, but must be capable to use memcached (they must have memcache client api for us)
Phase 2 : The Apache v2 Module
After the user are logged, the apache 2 module check on each protected page by apache ACL the presence of the "cookie".
if the "cookie" exist, try to get session in memcached with the "cookie" value if not found return "HTTP_UNAUTHORIZED" page.
if session exist in memcached verify if acl match user session information if not match return "HTTP_FORBIDDEN" page.
Auth MemCookie 1.0 search tags