[Chugalug] Access Control for LAMP

Dan Lyke danlyke at flutterby.com
Fri Oct 5 17:10:32 UTC 2012


On Fri, 5 Oct 2012 10:58:40 -0600
Eric Wolf <ebwolf at gmail.com> wrote:
> I need to implement a unified login across all their apps but it
> would be nice to not have to modify a bunch of code. Ideally, the
> system would have a central username/password (maybe even OpenID) and
> present a menu of apps available to that user. Access to the other
> apps not available to the user would be restricted even if the user
> worked out the URL.

Something that won't necessarily work: Links that embed the existing
username and password combos.

It seems like a really good idea to have a centralized login scheme
that then sends users off to

http://username@passwordtoken:server/internalapp

and this works absolutely swimmingly on Firefox and Chrome, but IE
won't do it unless you do some registry hacks.

Which sucks.

So, yeah, my first response was "centralized OpenID thing that
manages .htaccess files and funnels users off to URLs that
automatically log in to the existing apps", but when I actually tried
to implement that...

Turns out Microsoft thinks RFC 1738 is for losers.

Dan


More information about the Chugalug mailing list