Ah! Nice!

And simple, too. Thanks for that tip, Alessio.

On 3/19/06, Alessio Bragadini <alessio@sevenseas.org > wrote:
On 17/mar/06, at 02:02, George Clark wrote:

Has anyone out there looked into using Apache authentication for
userid/password validation?  Or using mod_auth_mysql against the Slash
database?  Any other approaches?

Our organization has several web applications.  I really need to figure out a
single signon capability.

I have a system working more or less this way, using mod_auth_mysql to read the Slash database. The directory containing the site statistics (managed by webalizer) is only accessible to administrators, i.e. Slash users with a seclev >= 10000.

<Location /stats>
AuthName "Admin"
AuthType Basic
AuthGroupFile /dev/null
AuthMySQLHost localhost
AuthMySQLDB database
AuthMySQLUser user
AuthMySQLPassword pass
AuthMySQLUserTable users
AuthMySQLNameField nickname
AuthMySQLPasswordField passwd          
AuthMySQLMD5Passwords On
AuthMySQLUserCondition seclev>=10000
require valid-user
</Location>

-- 
Alessio F. Bragadini            alessio@sevenseas.org