- From: John Franks <john@math.nwu.edu>
- Date: Fri, 29 Mar 1996 11:46:26 -0600
- To: dnew@fv.com, www-talk@w3.org
I don't know if this thread is a theoretical discussion or a practical one with the intent of actually solving someone's problem. If it is the latter you might want to look at the WN server (see http://hopf.math.nwu.edu/) which handles the problem at hand on UNIX systems in a reasonably secure way. With WN you can write "authentication modules". These are not "compiled in" modules, but like CGI scripts and they can be written in any language. They get the authentication data by reading stdin (the server creates a pipe) and they signal accept, reject, or error by their return status. No sensitive information goes in the environment. Also the authentication module gets called before any CGI script so the CGI script is never called if access is denied. This was the other problem mentioned here. Of course this is not portable to other servers, much less other OS's but it has allowed things like kerberos integration to Web authentication. John Franks Dept of Math. Northwestern University john@math.nwu.edu
Received on Friday, 29 March 1996 12:46:53 UTC