Forums » Development »
[Solved] mod_auth_cookie for lighttpd
Added by tai almost 15 years ago
Hi.
I recently needed to make legacy webapp (using Basic Authentication) work with
OpenID SSO (Google Accounts), and ended up making this module. It seems there
once was a module with the same name, but it's downloadable now.
This module protects access to webpages by cookie, and also maps identity
information in a cookie onto HTTP-BA header. With appropriate encryption
and signing, this is supported in fairly secure way.
The module is available from following URL:
http://github.com/tai/mod_auth_cookie-for-lighttpdIf you think it's worth including into lighttpd distribution, please do so.
Best Regards,
Taisuke Yamada
Replies (2)
RE: mod_auth_cookie for lighttpd - Added by tai almost 15 years ago
It seems there once was a module with the same name, but it's downloadable now.
Oops, I meant to say "there once was one with the same name, but it's not downloadable anymore".
RE: [Solved] mod_auth_cookie for lighttpd - Added by gstrauss over 4 years ago
Thank you for the contribution.
Please note that there are some serious shortcomings in the implementation.
I updated the module and noted limitations in the README.md at https://github.com/gstrauss/lighttpd-mod_auth_ticket
A better option is (similarly named, but slightly different) mod_authn_ticket https://github.com/gstrauss/lighttpd-mod_authn_tkt