I would like to implement a dynamic authentication process using Apache and PHP.
My current project is break into two parts:
-
I have a classic LAMP project running, where users already have a login/password that I use to grant them access to different part of my system.
-
Some documents (Text, Office, …) are hosted on a separate DAV server (same server but different domains) and users may edit them directely from their Office program (Word, Excel …) using Dav/ActiveX/IE combination.
I would like to allow the users registered on my first system to use different DAV method based on their current right (stored in the DB)
For example, Mr X may have access to document A with PUT/GET method, but no access to document B.
I generally solve this kind of problem by using a PHP authentication, but, as far as I know, my authentication occured within the Microsoft Office application.
Office directly “discuss” with Apache so I certainly need to override the .htaccess file for example.
I have too many users to store them by hand in the .htaccess (~10K) and many files on the DAV server (~1K).
Moreover, users rights may change over time.
Is there a way to generate dynamic htaccess files? Or to add some sort of handlers to “tell” Apache to allow or prohibit a user/password to certain file(s)?
All you need is http://modauthmysql.sourceforge.net/
You can configure your apache by .htaccess to authenticate against mysql DB.
Of course you can use existing Mysql tables with users in it.
Here is my working configuration: