non-.htaccess cached authentication recommendation

Posted on 2003-03-23
Medium Priority
Last Modified: 2010-03-04
I'm creating a page into which users will log in. This web server is running on apache, on a FreeBSD machine. The pages will be created in Perl. I will be authenticating off a remote radius server using Authen::Radius. That's what I'm working with, so these details are not an option.

All of the above I've worked with before, except for the idea of caching an authentication. For example, index.html requests username and password. They log in, and now they are authenticated, and can now view all the rest of the pages and such while still being logged in.

I have used .htaccess for this sort of thing in the past, but this time I will not have a local password database with which to work. I will need to use Authen::Radius for each user authentication attempt, and I'm sort of stumped as to how to let users stay logged in, but if they close the browser, or enough time goes by, they get logged out.

What do folks recommand for this sort of thing? I was assuming it would be cookie based authentication caching. Can anyone think of any examples where the source might be available? Do I need to build a check into every single subsequent page of the website that checks and verifies the cached connection?

I'm afraid I don't know much about authentication, so it's hurting this project..


Question by:dgoyette
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Accepted Solution

bobsledbob earned 500 total points
ID: 8192969

> I was assuming it would be cookie based authentication caching.

Well, cookies are one pretty good answer.  You can also send / receive the appropriate headers which would generate the 'basic authentication' that .htaccess files would.  This is another option.  Sorry, I would only be able to give you example code in PHP, not PERL.

> Do I need to build a check into every single subsequent page of the website that checks and verifies the cached connection?

Basically yes.  You can be elegant about it (using included files, etc.)  You can probably help speed up the Radius functions by caching the information somewhere (in a session (implying cookies), a flat file, etc.)

By the way, I believe there is an apache module called mod_auth_radius that would basically allow you to write .htaccess files (as you're accustomed to), but would then authenticate against your radius server.  Check google.


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses
Course of the Month9 days, left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question