Authorization and FastCGI
Added by jpd over 16 years ago
Hi,
Forgive me if this is a stupid question but I've been unable to work out from the docs if what I want is possible.
I want every page on my website to require authorization (I can make this happen using mod_auth)
I want every request to be passed to my FastCGI process (I can make this happen using mod_fastcgi)
I want my FastCGI process to receive the username, password, realm and decide whether to authorize the request
I'm happy to write two FastCGI processes if necessary (one to handle authorization and one to process requests). Is it possible to achieve this in Lighty?
A bit of background info: My website is designed to be generated from a database - ie no static files at all (and all access will ultimately be over SSL). All the users/passwords are to be database users/passwords. Apart from authorization my current setup works perfectly:
Lighty
|
FastCGI process
|
Postgres
Any help would be appreciated.
Jack
Replies (1)
RE: Authorization and FastCGI - Added by jpd over 16 years ago
I'm now not sure this is possible.
I've discovered I can get a prompt for password by returning "Status: 401", without enabling mod_auth, but I can't find any way of accessing the username and password that the client returns inside my FastCGI process, which at the moment looks like this:
#include <fcgi_stdio.h>
int main(void) {
int count = 0;
while(FCGI_Accept() >= 0) {
printf("Status: 401\r\n");
printf("WWW-Authenticate: Basic realm=\"Secure Area\"\r\n");
printf("Content-type: text/html\r\n");
printf("\r\n");
printf("Hello world!<br />\r\n");
printf("Request number %d.<br />\r\n", count++);
}
return 0;
}
Does anyone know how to access these fields or whether it is impossible?
Thanks,
Jack