mod_auth_trustheader download

Mostly copied from mod_auth_basic of apache-2.2.

The basic-auth handshake was replaced by some code which gets the userid out of a customable variable. The variable could be anything ap_expr could read in authentication hook, e.g.: a header field, a httpd environment variable or an SSL environment variable. The syntax is the same known from RewriteCond of mod_rewrite: e.g.: %{HTTP:variable}, %{ENV:variable} or %{SSL:variable}

No password is written into internal httpd variables. So the authentication has to be validated by mod_authn_anon.
For authorisation any of the authz standard modules could be used.

Features

accept authentification of a an other server (e.g. reverse proxy)
accept authentification by trusting HTTP Header variable
accept authentification by trusting Environment variable
accept authentification by trusting SSL variable (e.g. SSL_CLIENT_M_SERIAL)

Project Activity

See All Activity >

License

Apache License V2.0

Follow mod_auth_trustheader

mod_auth_trustheader Web Site

Other Useful Business Software

AI-generated apps that pass security review

Stop waiting on engineering. Build production-ready internal tools with AI—on your company data, in your cloud.

Retool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.

Try Retool free

Rate This Project

User Reviews

Be the first to post a review of mod_auth_trustheader!

Additional Project Details

Intended Audience

Other Audience, Security, Security Professionals, System Administrators

Programming Language

Related Categories

C HTTP Servers

Registered

2012-04-09

Similar Business Software

Jaisocx

Since 2024 Jaisocx supports PHP over HTTP/3, intuitively switching among HTTP/1.1, h2 and h3 depending on negotiation with HTTP client. a) Unique feature is Charset detection of published text contents, and making browser showing correctly extended ascii chars like in German or French alphabets....

See Software
Mako Server

The Mako Server is a compact, event-driven web and application server designed for resource-constrained systems. Engineered for embedded environments, it combines a lightweight HTTP/HTTPS server with a Lua scripting engine, enabling high-level development with direct access to low-level C code....

See Software
Tengine

Tengine is a web server originated by Taobao, the largest e-commerce website in Asia. It is based on the Nginx HTTP server and has many advanced features. Tengine has proven to be very stable and efficient on some of the top 100 websites in the world, including Taobao and tmall. Tengine has been...

See Software
H2O

H2O is a new generation HTTP server that provides a quicker response to users with less CPU utilization when compared to older generation of web servers. Designed from the ground up, the server takes full advantage of HTTP/2 features including prioritized content serving and server push,...

See Software
OpenLiteSpeed

OpenLiteSpeed is the Open Source edition of LiteSpeed Web Server Enterprise. Both servers are actively developed and maintained by the same team, and are held to the same high-quality coding standard. OpenLiteSpeed contains all of the essential features found in LiteSpeed Enterprise, and...

See Software
KSWEB

It is enough to install KSWEB on your Android device and copy scripts to the htdocs folder on the memory card. After that, you can run your web content! So, KSWEB is a set for web developers for the Android platform. The package consists of a web server, FTP server, PHP programming language,...

See Software