stackoom
  简体   繁体   中英

Dynamic Apache authentication via PHP

 原文  2011-06-06 12:54:42       php/ apache/ .htaccess/ authentication/ webdav

Question

I would like to implement a dynamic authentication process using Apache and PHP. My current project is break into two parts:

  1. I have a classic LAMP project running, where users already have a login/password that I use to grant them access to different part of my system.

  2. Some documents (Text, Office, ...) are hosted on a separate DAV server (same server but different domains) and users may edit them directely from their Office program (Word, Excel...) using Dav/ActiveX/IE combination.

I would like to allow the users registered on my first system to use different DAV method based on their current right (stored in the DB)

For example, Mr X may have access to document A with PUT/GET method, but no access to document B.

I generally solve this kind of problem by using a PHP authentication, but, as far as I know, my authentication occured within the Microsoft Office application. Office directly "discuss" with Apache so I certainly need to override the .htaccess file for example. I have too many users to store them by hand in the .htaccess (~10K) and many files on the DAV server (~1K). Moreover, users rights may change over time.

Is there a way to generate dynamic htaccess files? Or to add some sort of handlers to "tell" Apache to allow or prohibit a user/password to certain file(s)?

2 answers

solution1
 3 ACCPTED  2012-05-15 16:09:30

All you need is http://modauthmysql.sourceforge.net/

You can configure your apache by .htaccess to authenticate against mysql DB. Of course you can use existing Mysql tables with users in it.

Here is my working configuration:

    <Directory "/u05/data">
            AllowOverride All

            Order Allow,Deny
            Allow from All
            Deny from None

            AddType application/octet-stream .rar
            AuthName "Download zone - secured"
            AuthType Basic

            AuthMYSQLEnable on
            AuthMySQLUser http_auth
            AuthMySQLPassword http_auth
            AuthMySQLDB mydatabase
            AuthMySQLUserTable users
            AuthMySQLNameField user_name
            AuthMySQLPasswordField user_password
            AuthMySQLPwEncryption crypt

            require valid-user
    </Directory>

solution2
 0  2011-06-20 18:21:13

I guess you could setup a cron php file which queries the database, retrieves the usernames and their permissions and builds up the htacess file based on that info. The script should have write permissions on that htacess file so I suggest you put it somewhere safe, outside your web projects and outside the www directory.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache / PHP and dynamic CORS PHP Apache NTLM Authentication Alternate SSO Authentication - Apache/PHP/ActiveDirectory Laravel 5: Apache php http authentication Using Digest Authentication with PHP + Apache Dynamic menu via PHP CGI Authentication via PHP script? Server authentication via PHP session HTTP authentication logout via PHP Configure apache alias via PHP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM