php redirect to proxy with authentication question

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Don't know if anybody has experience with the following, but I'm struggling
with a combination of a php script authentication and redirecting to a
proxy. The php script is some authentication against ldap and mysql and
does at the end:
if ($valid){
somedir is needs to be a totally different server not running apache.
So a rewriterule can take care of this to redirect to the internal server.
But how do I protect against a direct access of somedir and forcing of my
entry php script? Any ideas?

Re: php redirect to proxy with authentication question

joepielinux wrote:
Quoted text here. Click to load it

Not easy to do, and will take something shared by both machines.

For instance, if the two machines share a database, you could, after
validation, write a row to the database once the user logged in, then
pass a token (i.e. a long random string) in the GET parameters to the
other machine.  The other machine would have to request authentication
from the first machine.  After a period of time, of course, this string
would expire.

You could do something similar with a shared disk, but you have to watch
out for concurrency (i.e. the first machine reads only and the second
one writes only).

Maybe someone else has some ideas.  But somehow you'll have to have the
second machine validate from the first.

Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.

Site Timeline