Hi Kevin,
That is a tough problem! My advice to you is to write a mod_python authentication filter that checks the cookie. I expect you're the first person to do this, so you'll have fun on the way. When you're done, please share the code with the community as I'm sure others will find it useful!
Paul [EMAIL PROTECTED] wrote:
OK, so I've run into a problem. Using TG to authenticate access to my private static files is fine, if a little slow. But I have files that aren't just HTML. Some legacy files require server-side processing by Apache. Like PHP scripts. How in the hell can I secure access to those? I must admit to being an Apache noob. Is there any way to integrate the .htaccess mechanism with a cookie supplied by my TG app? Apache doesn't even have to care who the user is logged in as, only that they're logged in? As such, I could imagine supplying, in a cookie, a time-coded hash from my TG app. And then using some mechanism in Apache to validate the hash value against the current time. I guess I could integrate such a thing into the PHP scripts, but I'd rather not change them, nor write a bunch of PHP code, if that's possible. Any ideas? Stuart >
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
