Mostly copied from mod_auth_basic of apache-2.2.
The basic-auth handshake was replaced by some code which gets the userid out of a customable variable. The variable could be anything ap_expr could read in authentication hook, e.g.: a header field, a httpd environment variable or an SSL environment variable. The syntax is the same known from RewriteCond of mod_rewrite: e.g.: %{HTTP:variable}, %{ENV:variable} or %{SSL:variable}
No password is written into internal httpd variables. So the authentication has to be validated by mod_authn_anon.
For authorisation any of the authz standard modules could be used.
Features
- accept authentification of a an other server (e.g. reverse proxy)
- accept authentification by trusting HTTP Header variable
- accept authentification by trusting Environment variable
- accept authentification by trusting SSL variable (e.g. SSL_CLIENT_M_SERIAL)
Categories
HTTP ServersLicense
Apache License V2.0Follow mod_auth_trustheader
Other Useful Business Software
$300 Free Credits for Your Google Cloud Projects
Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of mod_auth_trustheader!