homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / WebmasterWorld / New To Web Development
Forum Library, Charter, Moderators: brotherhood of lan & mack

New To Web Development Forum

Kerberos Authentication and Session Cookies? Help!
Help with maintaining credentials

5+ Year Member

Msg#: 3739738 posted 5:34 pm on Sep 6, 2008 (gmt 0)

I have an Apache 2.0 web server setup as an Intranet for my company. I have a </Directory> container that is setup to authenticate to an Active Directory farm. The I&A works just fine.
However, It is easy to bypass the authentication by just adding one of the directories that is in /var/www/html with a trailing /. For example, in my browser if I enter:


I am forced to authenticate.

However, if I enter:


I bypass authentication.

I need to have my users perform I&A once, then carry their I&A credentials throughout their browsing session. I am guessing this would require cookies of some sort that contain the I&A information.

If cookies are the solution, then I could use some help setting up Apache to issue cookies for each login. I would then like people to be able to surf the other directories without having to re-authenticate every time they click another link.

Any links, advice, instructions, man pages, would be helpful. I am a novice when it comes to setting up Apache in this way.

Thank you!


Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / New To Web Development
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved