Its an appropriate list, but we only have a few Apache module experts. I'm not one of them. :-) So you may do better on a more Apache-oriented forum for general questions on how how to chain modules together.
That said, in general you can chain authentication modules, though I don't know if they can chain well enough such that one provides authn and one provides authz. You'd have to see how they work (i.e. what happens if mod_auth_mysql doesn't get a password? If one authn module succeeds do the other ones get tried? CAS can send back attributes via SAML1.1. Can that be used in conjunction with your authorization needs? On Tue, Aug 24, 2010 at 2:09 PM, Marc Thompson <[email protected]>wrote: > My apologies if I've posted this query to the wrong list? If so, can you > point out a better forum for this type of question? > > > On 8/23/2010 2:47 PM, Marc Thompson wrote: > >> We have been using basic authentication for years to password >> protect directories on an Apache server. Now our university has >> implemented and deployed CAS and it has been working great. >> We have also integrated mod_auth_cas on Apache and that works pretty >> good also. >> Next we would like to be able to store user authorization info like >> username and group assignment in a MySQL database, so that we can >> assign users and groups to certain Apache served directories. >> Has anyone done this? Allow certain Apache served directories to be >> password protected via CAS authentication and MySQL authorization? >> I was thinking that perhaps a combination of Apache modules in a >> certain order might work? For instance, mod_auth_cas followed by >> mod_auth_mysql? That way if a directory is encountered that >> contains a .htaccess file requiring an authenticated user, they >> would be redirected to CAS. Once authenticated their username could >> then be used by mod_auth_mysql to check for a match and then group >> info derived from that successful match? >> Any pointers or suggestions would be greatly appreciated... >> Marc >> > > -- > ------------------------------------------- > Marc Thompson > Software Engineer > Media Solutions > University Information Technology > University of Utah > 801.585.9264 > [email protected] > ------------------------------------------- > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
