Project

General

Profile

[Solved] mod_auth_cookie for lighttpd

Added by tai almost 14 years ago

Hi.

I recently needed to make legacy webapp (using Basic Authentication) work with
OpenID SSO (Google Accounts), and ended up making this module. It seems there
once was a module with the same name, but it's downloadable now.

This module protects access to webpages by cookie, and also maps identity
information in a cookie onto HTTP-BA header. With appropriate encryption
and signing, this is supported in fairly secure way.

The module is available from following URL:

http://github.com/tai/mod_auth_cookie-for-lighttpd

If you think it's worth including into lighttpd distribution, please do so.

Best Regards,
Taisuke Yamada


Replies (2)

RE: mod_auth_cookie for lighttpd - Added by tai almost 14 years ago

It seems there once was a module with the same name, but it's downloadable now.

Oops, I meant to say "there once was one with the same name, but it's not downloadable anymore".

RE: [Solved] mod_auth_cookie for lighttpd - Added by gstrauss over 3 years ago

Thank you for the contribution.

Please note that there are some serious shortcomings in the implementation.
I updated the module and noted limitations in the README.md at https://github.com/gstrauss/lighttpd-mod_auth_ticket

A better option is (similarly named, but slightly different) mod_authn_ticket https://github.com/gstrauss/lighttpd-mod_authn_tkt

    (1-2/2)