C based client

Paul Querna chip@force-elite.com
Fri, 02 Jan 2004 17:06:24 -0800 

Brad Fitzpatrick wrote:
> Paul,
> 
> I believe it's all been a lot of talk.

Thats too bad :(

> 
> I'm interested to hear more about your Apache module, if you'd care
> elaborating.  Apache 1.3 or 2.0?  Works in conjunction with any/which auth
> modules?  You currently hitting performance problems with your existing
> auth?

The module I am writing is for Apache 2.1 only (No Official releases, 
only in CVS -head).  The Auth System in Apache was completely changed in 
2.1.  It allows you to register "providers" for the Basic and Digest 
AuthTypes.

For example:

       <Directory  "/path/to/htdocs/to/be/protected">
         AuthType Basic
         AuthName "basic testing area"
         AuthBasicProvider dbi file
         AuthnDbiServerConfig Server1
         AuthUserFile /path/to/.htpasswd
         Require valid-user
       </Directory>

The AuthBasicProvider can be a list of authn_* modules to provide the 
username and password validation.  This is much more flexible than how 
authentication is handled in 1.3 and 2.0.

Anyways, my module is called mod_authn_cache and it registers as a 
provider for Digest and Basic.  Other Authn Modules will register as 
providers for the cache module.  This allows a transparent caching of 
Authentication Results.
For example:

       <Directory  "/path/to/htdocs/to/be/protected">
         AuthType Basic
         AuthName "soap protected area"
         AuthBasicProvider cache
         AuthnCacheProvider ubi_soap
         AuthnUbiSoapUrl http://foo/foo
         Require valid-user
       </Directory>

I would like to use memcached for a proprietary module that talks to a 
SOAP based back end to authenticate users. (this back end is out of my 
control)  The  SOAP back end is rather slow and stops requests from 
completing quickly. So, my plan was to use memcached as one possible 
back end for mod_authn_cache. (other possible back ends might be local 
shared memory, or perhaps in process hash tables).

I also use mod_authn_dbi to authenticate other clients. This can use 
MySQL/PgSQL/SQLite databases.  It pools database connections(very nice 
with the Worker MPM) and it's performance has never been an issue.

Check out http://mod-auth.sourceforge.net/ for more info.

mod_authn_dbi is already on there, along with a couple other modules 
under development for the new 2.1 Auth API.

-Paul Querna

> 
> - Brad
> 
> 
> On Fri, 2 Jan 2004, Paul Querna wrote:
> 
> 
>>Hello,
>>
>>I am working on adding memcached into an apache module(caching
>>authentication results, the module will be open source).  There have
>>been several mentions on the list archive of various people starting on
>>a C library for memcached, but no one has posted their source code.  Has
>>any progress on this been made, or should I just write my own from scratch?
>>
>>If even a partially completed library is done, I would be interested in
>>using it as a starting point.
>>
>>Thanks,
>>
>>Paul Querna
>>
>>