Please ignore this message. My mail client was misconfigured (! in my email
address), and I expected the message to bounce. I sent another message this
morning that was very similar to this one, and now this one shows up. Darn
it!
Cheers!
-klm.
----- Original Message -----
From: "Ken Miller" <[EMAIL PROTECTED]>
To: "Modperl" <[EMAIL PROTECTED]>
Sent: Tuesday, June 04, 2002 3:56 PM
Subject: Doing security for backend applications
> Let's say I have the following configuration:
>
> 1. Front end proxy server (no mod_perl)
> 2. Back end application server (mod_perl)
> 3. Back end application server (php)
>
> Now, *all* application requests are passed to the mod_perl server (yes,
> including the php requests). Performing security checks for all the
> applications on the mod_perl server is easy via a few simple handlers.
> However, I also want to *transparently* handle high-level application
access
> security for the applications served from the php server using the same
> perl/db modle I use in the mod perl server.
>
> So, php application requests would bounce from the proxy server to the mod
> perl server to the php server.
>
> Is this workable? I currently use mod_rewrite to proxy the requests to the
> mod_perl server, and I'm assuming I would have to do something similar for
> the php server. However, I'm not all that sure how to do this, since I
> don't think mod_rewite will work the way I expect - I need to configure a
> <Location> but mod_rewrite doesn't work with <Location>. Or does it?
>
> In case anyone is wondering, I'm working on constructing a dynamic
front-end
> portal that will gate through to various applications, some developed in
> house, others obtained from third parties - the clients wants to perform a
> global security check before getting to the application, hence the stuff
> that I'm creating.
>
> This is all related to a single sign-on environment - once the user has
> signed on an encrypted cookie will contain the application security
> information used to authorize the user int the various applications.
>
> Many thanks!
>
> -klm.
>
>
>
