SLUG Mailing List Archives
Re: [SLUG] safe(ish) single-login from website
- To: SLUG <slug@xxxxxxxxxxx>
- Subject: Re: [SLUG] safe(ish) single-login from website
- From: Gavin Carr <gavin@xxxxxxxxxxxxxxxxx>
- Date: Tue, 15 Feb 2005 23:13:53 +1100
- Organisation: Open Fusion
- User-agent: Mutt/1.4.1i
On Tue, Feb 15, 2005 at 04:41:23PM +1100, Taryn East wrote:
> the issue is that our business allows some of our website to be viewable
> through the website of some of our "channel partners". These channel
> partners have a login to our website to allow them to do this.
> However, the channel partners have customers that only have a login to
> the channel-partner websites... and the channel partners don't want to
> directly give them the login to our site, but do want the pages
> displayed (generally using yucky frames... but hey).
> ok, now they aparrently used to do this by having a url with the
> username/password in it (ie using "basic" http authentication with the
> login details as parameters).
Try mod_auth_tkt: http://www.openfusion.com.au/labs/mod_auth_tkt/
mod_auth_tkt is a drop-in replacement for basic authentication that
uses MD5 tickets to authenticate users. Tickets are usually provided
via cookies, but in your case it's probably easier to provide them via
your url (like you were doing for username/password before). (This is
better because your referring site is going to be on a different domain
than yours, which can screw cookies up.)
So in your context you could, for instance:
- modify the standard mod_auth_tkt login CGI to return the ticket it
produces for valid users as text output, rather than setting a cookie with it
- get your channel partners to login via that CGI periodically and save
the ticket to a text file e.g.
wget -O ticket https://www.taryn.com/cgi-bin/ticket.cgi?user=foo;pass=bar
- get your channel partners to include that ticket on the initial referral
to your site in the url e.g.
Open Fusion P/L - Open Source Business Solutions [ Linux - Perl - Apache ]
ph: +612 9875 5032 fax: +612 9875 4317
web: http://www.openfusion.com.au mob: +61 403 171712
- Fashion is a variable, but style is a constant - Programming Perl