New Message: Basic Auth, Apache, & Frontier

[webmaster at userland.com]

A new message was posted:

Address: http://frontier.userland.com/discuss/msgReader$14118

By: Brian Ablaza (bablaza at stargroup1.com)

I know the answer is probably, "it can't be done", but perhaps there is some trick to it.

I have an application running that is essentially a collection of cgi's running on Apache. Access to the app is controlled by a protected realm using standard Apache basic auth.

I need to add some functionality, and I'd like to set-up Frontier (or some other app) as a gateway. So visitors go to a url, are challenged for credentials, and enter the Frontier site. There, they can click on a link to the other app and they won't be challenged again.

My options, as I see it, are:

- somehow pass the credentials through when entering the main app (least likely)

- run as a cgi under Apache (possible performance issues?)

- fake out the user by placing a file (img or javascript) from the realm on a Frontier page, thereby triggering the authorization, and then testing for the presence/successful load/reading the HTTP headers in Frontier to verify that the user is authorized (most likely if even possible, but truly a hack)

Any ideas?

This is a Manila site.. http://manila.userland.com/.