willa666
asked on
authentication shared between 2 web servers
i have a requirement to sercure a website for a customer.
they have 2 apache web servers and i used mod_auth to do basic auth3entication on each webserver.
but i have an issue, where the users request is passed from one webserver to another, and this means that the end user has to0 authenticate twice.
So how can i have the authentication session mantained between both webservers.
they have 2 apache web servers and i used mod_auth to do basic auth3entication on each webserver.
but i have an issue, where the users request is passed from one webserver to another, and this means that the end user has to0 authenticate twice.
So how can i have the authentication session mantained between both webservers.
Impossible. You cannot pass sessions between servers not to mention 2 SSL certs are required for the solution.
Actually it is possible. It has been asked and answered here on EE, but for some reason I can't find it. IIRC instead of using mod_auth, you use mod_auth_digest and using the AuthDigestDomain directive.
http://httpd.apache.org/docs/2.0/mod/mod_auth_digest.html
I am still searching on EE to make sure that I remember correctly.
http://httpd.apache.org/docs/2.0/mod/mod_auth_digest.html
I am still searching on EE to make sure that I remember correctly.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Good to know. Really nice feature.