| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Optimize BASIC AUTH checks with sessions. | Simo Sorce | 2015-06-13 | 1 | -0/+4 |
| | | | | | | | | | If sessions are enbled store a MAC of the password and use it to check if the password is the same on follow-up requests. If it is, avoid the whole gssapi dance and use the session data instead. Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
| * | Add mod_session support | Simo Sorce | 2014-07-10 | 1 | -0/+10 |
| By setting GssapiUseSessions we enable the module to store a bearer token with the user and gss names in the client, this way we can allow clients to perform authentication once but then remain authenticaed for the duration of the session or until the original credentials expire. The Secure cookie used to store the token is encrypted using a randomly generated AES key at process startup. This means multiple apache servers will not be able to use the same cookie, however the client will reauth transparently if the cookie cannot be read. | |||||
 |
index : mod_auth_gssapi.git | |
| A GSSAPI based replacement for the aging mod_auth_kerb. | Simo Sorce |
| summaryrefslogtreecommitdiffstats |