Forwarding authentication/authorization from Apache to an external server using udp-sockets
One half of this software is a modul designed to be linked into the Apache http server. (Version 1.3.x) The other half is an external serverprogram, that queries a datasource to retrieve the user, password and group information, that is needed for authentication and authorization. The first implementation of the server is written in C and queries a PostgreSQL database, but I have designed it in a way, that there is only one file, that interacts with PostgreSQL. So you can think of this server as a template for building your own.
This software was written, because I couldn't find anything else that works for me. The original problem is this: I'm responsible for a website, that is completely password-protected, including franesets, images, etc ...
Usernames und passwords are kept in a PostgreSQL-database. This makes maintaining the userlist quite easy.
There exists a module (mod_auth_pgsql),
that can retrieve the authentication information from the database,
but it has one big problem: for each and every request it opens a new
connection to the database, performs a single select and then shuts
down the connection.
The startpage of my website contains three frames and about 20 images. So for viewing the startpage you have to connect 24 times to the database, do a select and then disconnect. This is slow!
The module builds one - hopefully small - packet. Normally this packet would only contain the Username. It then creates a udp-socket and sends this packet to the udpauthsrv, wich is waiting for incoming packets. The server reads the packet and the address of the clients socket, retrieves the password from the database and sends it back to the client. The client compares the passwords, and if they match grants access to the requested object.
So one packet sent and one packet recieved, and all is done.
A detailed description of the protocol is part of both download-packages.
Here is the description of mod_auth_udp. The installation instructions are in the module-source.
The apache-module mod_auth_udp
The server, that connects to the PostgreSQL-database.
The module is published under the Apache License. The server is published under the Gnu GPL Version 2 .
create server-templates for other programming languages (Java, Tcl, ... )
make more information about the request available to the server.
You can reach me at firstname.lastname@example.org . Feel free to send an email, if you have any comments, questions, patches ...