[Solved] Lighttp - Fastcgi custom authenticator
Added by rastrella over 6 years ago
Hi guys,
I would like to develop a cgi (in C) in order to auth every HTTP Request.
I've configured my fastcgi module :
fastcgi.server = (
"/test" => (
"test.fcgi.handler" => (
"socket" => "/tmp/myauth.fcgi.socket",
"check-local" => "disable",
"bin-path" => "/opt/lighttp_1_4_35/scripts/myauthenticator.fcgi",
"max-procs" => 1
)
))
and I can process every request and verify if the HTPP request is good or not...but how can I "send" again the request to the right resource in order to allow client auth to see the correct webpage? Some specific conf on lighttpd is needed?
Thanks in advance
Marino
Replies (2)
RE: [Solved] Lighttp - Fastcgi custom authenticator - Added by rastrella over 6 years ago
Thanks for the reply, I had readed the doc and i've implemented something like this using authorizer mode.
But in this case there's problem and i don't know if it's my fault (probably) or there's some other way to realize my scenario.
- The client make an http request and insert a custom header (a token) into the request for helloworld.html
- My custom cgi evaluate token, and if it's good, a Cookie is created and should be inserted in the reply to allow the client to use this cookie for following requests
The problem is if cgi is in auth mode... i don't see the Cookie in the response (but i can see helloworld.html page correctly). I see the cookie only if cgi reply with 202 (instead of 200), but in this case the client receive only 202 (no helloworld.html page) and should make another HTTP request using the Cookie.
Is there any way to implement this auth scenario?
In nginx there's nginx_modules_http_auth_request that implements client authorization based on the result of a subrequest. Is there any way to realize the same in lighttpd?