[Solved] Authentication based redirection
Added by junksmi over 15 years ago
Damn, whoever wants to test the links in preview by clicking is doomed to type the message twice :( :( :(
Well, I started the discussion here http://redmine.lighttpd.net/issues/show/1498 :
Anyways, this is my use case of user- or authentication-based redirection:
- I give all my users a single address myserver.com (the webserver 'root')
- when they go there, they are asked to login
- upon login, they are respectively redirected to their dirs (user1 to user1.myserver.com [or myserver.com/user1, doesn't matter])
- If user1 finds out an address of user2, and enters user2.myserver.com/... [or myserver.com/user2/...], given user1 credentials are given, user1 is again redirected to webserver root (and from there to home user1.myserver.com [or myserver.com/user1])
- admin should have access to webserver root and all directories below
I somewhat achieved this using php, but the solution is based on expiration of one-second cookies, and so it gets easy to say click on the webserver-root link as user1, and manage to send a request while the cookie hasn't expired yet, thereby gaining access.. Which is why I think solving this on the level of the server (lighttpd.conf) would be best :)
Here are the two files:
lighttpd.conf
http://pastebin.com/f7687751b
redirect.php
http://pastebin.com/f230ea369
Ideally, I'd like to have all users actually taken to webserver root upon login, and having shown only directories they have access to (so admin would see /admin, /user1, /user2, /guest; user1 would see /user1, /guest; user2 would see /user2, /guest; guest would only see /guest) - this could ideally be achieved (from admin perspective) by some sort of a chain in the .conf file, which also relates to dirlister properties...
Well, hope to hear back some comments - or suggestions on how to achieve what I want :) Thanks...
Replies (1)
RE: [Solved] Authentication based redirection - Added by gstrauss about 7 years ago
As noted in #1498, use mod_magnet with some custom lua code to get REMOTE_USER from the environment. REMOTE_USER will be the authenticated user, if authentication has occurred. If your router does not have mod_magnet, then you can build the package yourself with a cross-compilation environment. Alternatively, see if mod_magnet is part of a separate package for your router, or ask the maintainer to build mod_magnet with the lighttpd package. If none of this is possible, then it is also unlikely that you would be able to get the maintainer to release a package with an upgraded version of lighttpd.
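
A sketch of the mod_magnet approach described in the reply, for the myserver.com/user1 layout from the question (an added example, not code from the thread or from the lighttpd project). It compares the whole first path segment with REMOTE_USER, so user1 cannot reach /user10 through a prefix match, and it fails closed when no authenticated user is present. Assumptions: the script path, the `ADMINS`/`SHARED` tables and the `decide` helper are hypothetical, mod_auth is loaded before mod_magnet and protects the whole site, and the legacy `lighty.req_env`, `lighty.env` and `lighty.header` tables are used.

```lua
-- Added example, not from the thread. Hypothetical file: /etc/lighttpd/user-gate.lua
-- Assumed lighttpd.conf: mod_auth loaded before mod_magnet, auth.require covering "/",
--   magnet.attract-physical-path-to = ( "/etc/lighttpd/user-gate.lua" )

local ADMINS = { admin = true }   -- users allowed into every directory
local SHARED = { guest = true }   -- directories open to every authenticated user

-- Returns nil to let the request through, or an HTTP status plus optional Location.
local function decide(user, path)
  -- Fail closed if mod_auth did not set a user, or the name is not a plain
  -- directory name (no "/", "." or other characters that could alter the path).
  if not user or not user:match("^[%w_%-]+$") then return 403 end
  if ADMINS[user] then return nil end
  local top = path:match("^/([^/]+)")                   -- first segment, nil for "/"
  if not top then return 302, "/" .. user .. "/" end    -- root: send the user home
  if top == user or SHARED[top] then return nil end     -- own or shared directory
  return 302, "/"                                       -- someone else's: back to root
end

if not lighty then   -- run outside lighttpd: self-check on constructed inputs
  assert(decide("user1", "/user1/a.txt") == nil)
  assert(select(2, decide("user1", "/user2/a.txt")) == "/")
  assert(select(2, decide("user1", "/")) == "/user1/")
  assert(decide("user1", "/user10/") == 302)   -- whole-segment match, not prefix
  assert(decide("user2", "/guest/readme") == nil)
  assert(decide("admin", "/user2/") == nil)
  assert(decide(nil, "/user1/") == 403)
  return
end

-- Inside lighttpd: uri.path is the decoded, normalized request path.
local status, location = decide(lighty.req_env["REMOTE_USER"], lighty.env["uri.path"])
if location then lighty.header["Location"] = location end
return status or 0   -- 0 lets lighttpd continue handling the request
```

Because the decision is made per request from the authenticated user name, it does not depend on cookie timing the way the PHP workaround in the question does.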