|
Please confirm the following:
1) If you have a context setup as follows:
Realm: (empty)
Authentication Name: (empty or non-empty)
Authorizer: [VHost Level]: (program)
...then the following happens:
1a) The authorization program is invoked without any REMOTE_USER or REMOTE_PASSWORD fields.
1b) If the program returns a status other than '200', a blank page is displayed.
This functions like FastCgiAuthorizer in apache's mod_fcgi.
2) If you setup a context as follows:
Realm: (file-database realm)
Authentication Name: (empty or non-empty)
Authorizer: [VHost Level]: (program)
...then the following happens:
2a) An authentication dialog is displayed to the user until they enter credentials that match the database file.
2b) The authorization program is invoked. REMOTE_USER is set to the name of the authenticated user. The REMOTE_PASSWORD field is NOT sent. If the program returns a status other than '200', a blank page is displayed.
This functions like FastCgiAuthorizer in apache's mod_fcgi.
3) There is no way to bring up a dialog and pass the contents to a fastcgi. Litespeed has no support for FastCgiAuthenticator in apache's mod_fcgi.
CONCLUSION:
If you want to AUTHENTICATE uses at the web-server level, your only options are Litespeed's password files or LDAP implementation. If you want to use a custom authentication procedure, you have to use Litespeed as a reverse proxy in front of apache, which supports this functionality.
SUGGESTION:
Create a new Realm type called 'FastCGI' (in addition to 'Password File' and 'LDAP'). When this is selected in a context, the webserver displays a login dialog and passes the REMOTE_USER and REMOTE_PASSWORD environment variables to the fastcgi. In this instance, the cgi works like a FastCgiAuthenticator in apache's mod_fastcgi.
Last edited by edlott; 09-01-2009 at 10:07 AM..
|