[prev in list] [next in list] [prev in thread] [next in thread]
List: bricolage-devel
Subject: Re: New Authentication Module
From: "David E. Wheeler" <david () kineticode ! com>
Date: 2008-10-15 16:35:48
Message-ID: C2CEF1D3-2B97-44BB-A446-E6C7CB923A4E () kineticode ! com
[Download RAW message or body]
On Oct 15, 2008, at 08:51, Marshall Roch wrote:
> Basically, mod_pubcookie intercepts the request at the Apache level
> (before mod_perl or Bricolage or anything else) and handles the SSO,
> sending you off to a login server if you're not logged in. Then
> you're returned to the page with a cookie that mod_pubcookie uses to
> authenticate you. So when the request gets to mod_perl, the
> REMOTE_USER environment variable contains the authenticated user's
> username. You can always trust REMOTE_USER. I'm not sure how
> mod_auth_cas works, but I'm guessing it's somehow similar in that
> you wouldn't ever need to use the Bricolage login page.
Have a look at RT. It has a configuration setting to trust Apache's
authentication stuff. I'm not sure if it just trusts REMOTE_USER or
what.
> So if REMOTE_USER is set by Apache, then you can just call
> set_user() and create the session. Looks like you'd probably want to
> add it directly to Bric::App::Auth::auth() rather than a separate
> auth plugin.
Sounds pretty simple.
Best,
David
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic