HTTPAuth is an HTTP proxy authentication module.
HTTPAuth connects to a specified HTTP server and sends an HTTP GET request containing the username, password and action (lookup,check,set,del,search) and any additional fields specified.
Please note, this module is a bit slow as it creates a cgi activation for every user lookup, fine for 100 users but not recommended for 10,000 user systems :-)
Download the lastest code from the one of the links below:
Source code Not Available Solaris httpauth10a_solaris.tar.Z 63k FreeBSD 4 httpauth10a_freebsd4.tar.Z 19k Linux (Libc6) httpauth10a_linuxlibc6.tar.Z 52k Windows httpauth10a.exe 85k
Creating a configuration file (httpauth.ini) is mandatory. The file is named after the binary (with a .ini extension) so multiple instances may use different configurations.
Setting Default Description address The address of the HTTP server. port 80 The port of the HTTP server. cgi The relative location of the cgi, eg /scripts/auth.exe or /cgi-bin/auth.cgi. user_field user The name of the GET field the cgi expects the username to be in. pass_field pass The name of the GET field the cgi expects the password to be in. action_field action The name of the GET field the cgi expects the action to be in. extra webauth=x Extra GET fields and values to pass to the cgi. log_level error The level of logging in httpauth.log. debug false Enable debug logging, identical to log_level debug.
-path Tells HTTPAuth where to create it's logfile and where to find it's config file.
The commands below are the list of commands that this module supports. For a full description about the command see Authentication Protocol
|set||<user> <pass>|(NULL) [label="value"]|
|search||<string> [-from n] [-max m]|
The response expected by HTTPAuth differs slightly to the other modules in that it expects an HTTP reponse in the form:
HTTP/1.0 200 OK
.. any HTTP headers .. eg Content-Type
.. a blank line ..
+OK or -ERR response