Authentication Module, HTTPAuth

HTTPAuth is an HTTP proxy authentication module.

HTTPAuth connects to a specified HTTP server and sends an HTTP GET request containing the username, password and action (lookup,check,set,del,search) and any additional fields specified.

Please note, this module is a bit slow as it creates a cgi activation for every user lookup, fine for 100 users but not recommended for 10,000 user systems :-)

Installing and Setup

Configuration Options

Command Line Options

Supported Commands

Installing and Setup

Download the lastest code from the one of the links below:

Source code Not Available

Solaris httpauth10a_solaris.tar.Z 63k

FreeBSD 4 httpauth10a_freebsd4.tar.Z 19k

Linux (Libc6) httpauth10a_linuxlibc6.tar.Z 52k

Windows httpauth10a.exe 85k

Configuration Options:

Creating a configuration file (httpauth.ini) is mandatory. The file is named after the binary (with a .ini extension) so multiple instances may use different configurations.

Setting Default Description

address The address of the HTTP server.

port 80 The port of the HTTP server.

cgi The relative location of the cgi, eg /scripts/auth.exe or /cgi-bin/auth.cgi.

user_field user The name of the GET field the cgi expects the username to be in.

pass_field pass The name of the GET field the cgi expects the password to be in.

action_field action The name of the GET field the cgi expects the action to be in.

extra webauth=x Extra GET fields and values to pass to the cgi.

log_level error The level of logging in httpauth.log.

debug false Enable debug logging, identical to log_level debug.

Command Line Options:

-path Tells HTTPAuth where to create it's logfile and where to find it's config file.

Supported Commands

The commands below are the list of commands that this module supports. For a full description about the command see Authentication Protocol

Command	Parameters
check	<user> <pass>
lookup	<user>
set	<user> <pass>\|(NULL) [label="value"]
del	<user>
search	<string> [-from n] [-max m]
version
help
quit
exit

The response expected by HTTPAuth differs slightly to the other modules in that it expects an HTTP reponse in the form:

HTTP/1.0 200 OK
.. any HTTP headers .. eg Content-Type
.. a blank line ..
+OK or -ERR response

Source code	Not Available
Solaris	httpauth10a_solaris.tar.Z	63k
FreeBSD 4	httpauth10a_freebsd4.tar.Z	19k
Linux (Libc6)	httpauth10a_linuxlibc6.tar.Z	52k
Windows	httpauth10a.exe	85k

Setting	Default	Description
address		The address of the HTTP server.
port	80	The port of the HTTP server.
cgi		The relative location of the cgi, eg /scripts/auth.exe or /cgi-bin/auth.cgi.
user_field	user	The name of the GET field the cgi expects the username to be in.
pass_field	pass	The name of the GET field the cgi expects the password to be in.
action_field	action	The name of the GET field the cgi expects the action to be in.
extra	webauth=x	Extra GET fields and values to pass to the cgi.
log_level	error	The level of logging in httpauth.log.
debug	false	Enable debug logging, identical to log_level debug.