通过 PHP 进行动态 Apache 身份验证
[英]Dynamic Apache authentication via PHP
问题描述
I would like to implement a dynamic authentication process using Apache and PHP.
我想使用 Apache 和 PHP 实现动态身份验证过程。 My current project is break into two parts:我目前的项目分为两部分:
I have a classic LAMP project running, where users already have a login/password that I use to grant them access to different part of my system.
我有一个经典的 LAMP 项目正在运行,用户已经有一个登录名/密码,我用它来授予他们访问我系统不同部分的权限。Some documents (Text, Office, ...) are hosted on a separate DAV server (same server but different domains) and users may edit them directely from their Office program (Word, Excel...) using Dav/ActiveX/IE combination.
某些文档(文本、Office 等)托管在单独的 DAV 服务器(同一服务器但域不同)上,用户可以使用 Dav/ActiveX/IE 组合直接从其 Office 程序(Word、Excel...)编辑它们.
I would like to allow the users registered on my first system to use different DAV method based on their current right (stored in the DB)我想允许在我的第一个系统上注册的用户根据他们当前的权限使用不同的 DAV 方法(存储在数据库中)
For example, Mr X may have access to document A with PUT/GET method, but no access to document B.例如,X 先生可能可以使用 PUT/GET 方法访问文档 A,但无法访问文档 B。
I generally solve this kind of problem by using a PHP authentication, but, as far as I know, my authentication occured within the Microsoft Office application.我通常通过使用 PHP 身份验证来解决此类问题,但据我所知,我的身份验证发生在 Microsoft Office 应用程序中。 Office directly "discuss" with Apache so I certainly need to override the .htaccess file for example. Office 直接与 Apache “讨论”,所以我当然需要覆盖 .htaccess 文件。 I have too many users to store them by hand in the .htaccess (~10K) and many files on the DAV server (~1K).我有太多用户无法将它们手动存储在 .htaccess (~10K) 和 DAV 服务器上的许多文件 (~1K) 中。 Moreover, users rights may change over time.此外,用户权限可能会随着时间而改变。
Is there a way to generate dynamic htaccess files?有没有办法生成动态 htaccess 文件? Or to add some sort of handlers to "tell" Apache to allow or prohibit a user/password to certain file(s)?或者添加某种处理程序来“告诉”Apache 以允许或禁止某些文件的用户/密码?
2 个解决方案
解决方案1
3 已采纳 2012-05-15 16:09:30
All you need is http://modauthmysql.sourceforge.net/您只需要http://modauthmysql.sourceforge.net/
You can configure your apache by .htaccess to authenticate against mysql DB.您可以通过 .htaccess 配置您的 apache 以针对 mysql DB 进行身份验证。 Of course you can use existing Mysql tables with users in it.当然,您可以使用现有的 Mysql 表,其中包含用户。
Here is my working configuration:这是我的工作配置:
<Directory "/u05/data">
AllowOverride All
Order Allow,Deny
Allow from All
Deny from None
AddType application/octet-stream .rar
AuthName "Download zone - secured"
AuthType Basic
AuthMYSQLEnable on
AuthMySQLUser http_auth
AuthMySQLPassword http_auth
AuthMySQLDB mydatabase
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_password
AuthMySQLPwEncryption crypt
require valid-user
</Directory>
解决方案2
0 2011-06-20 18:21:13
I guess you could setup a cron php file which queries the database, retrieves the usernames and their permissions and builds up the htacess file based on that info.我想你可以设置一个 cron php 文件来查询数据库,检索用户名及其权限,并根据该信息构建 htacess 文件。 The script should have write permissions on that htacess file so I suggest you put it somewhere safe, outside your web projects and outside the www directory.该脚本应该对该 htacess 文件具有写权限,因此我建议您将其放在安全的地方,在 web 项目之外和 www 目录之外。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.