Re: [Slashcode-general] Slashcode using Apache authentication?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Anyone know if you can base the UserCondition off the results from a  
stored procedure or function?

I hate basing anything in slashcode on seclev, because it's limiting.  
But ACL's, ah, you can do so much with them.

What I was thinking was something like

AuthMySQLUserCondition CALL hasACL('statsaccess')

where the function hasACL would look at the users_acl table and  
return 1/0.

  Shane

On Mar 20, 2006, at 9:19 AM, Clifton Wood wrote:

> Ah! Nice!
>
> And simple, too. Thanks for that tip, Alessio.
>
> On 3/19/06, Alessio Bragadini <al...@se... > wrote:
> On 17/mar/06, at 02:02, George Clark wrote:
>
>> Has anyone out there looked into using Apache authentication for
>> userid/password validation?  Or using mod_auth_mysql against the  
>> Slash
>> database?  Any other approaches?
>>
>> Our organization has several web applications.  I really need to  
>> figure out a
>> single signon capability.
>
> I have a system working more or less this way, using mod_auth_mysql  
> to read the Slash database. The directory containing the site  
> statistics (managed by webalizer) is only accessible to  
> administrators, i.e. Slash users with a seclev >= 10000.
>
> <Location /stats>
> AuthName "Admin"
> AuthType Basic
> AuthGroupFile /dev/null
> AuthMySQLHost localhost
> AuthMySQLDB database
> AuthMySQLUser user
> AuthMySQLPassword pass
> AuthMySQLUserTable users
> AuthMySQLNameField nickname
> AuthMySQLPasswordField passwd
> AuthMySQLMD5Passwords On
> AuthMySQLUserCondition seclev>=10000
> require valid-user
> </Location>
>
> -- 
> Alessio F. Bragadini            al...@se...
>
>