Apache module for HTTP Basic authentication/authorization in the Remedy Action Request System (ARS).
Copyright 2001 Rafal Michalski (firstname.lastname@example.org).
The Remedy Action Request System is a trademark of Remedy Corporation, Mountain View, CA, USA.
Remedy home page is at http://www.remedy.com.
Users of the Remedy Action Request System are organized in groups as in UNIX. Each user may belong to several groups. Users log into server using passwords. ARS stores information in so-called schemas, an analogue of tables in a relational database. Schemas have records. There is a schema named User storing user information such as Login Name and Password, one record for each user. This schema corresponds to /etc/passwd on UNIX. Another schema named Group stores information about groups - it is for ARS what /etc/group is for UNIX.
On HTTP request to a constrained URL, the browser supplies Apache with username and password typed in the Basic authentication box. The module opens connection to the Remedy server RemedyServer as user RemedyBindName with password RemedyBindPass, and seeks the User schema for record with Login Name equal to the browser-supplied username. Only if the record exists and contains password that matches the browser-supplied password, the module tells Apache to let the user in. If RemedyBindName directive is <None>, the module attempts to log onto Remedy staighfoward with browser-supplied username/password and if this login succeeds, it lets to access the URL.
The User schema record contains list of groups the user belongs to. This list is compared to the content of the standard Require group directive in the authorization phase.
The module supports the following run-time configuration directives:
This code is free software. You can use it, redistribute it and/or modify it under the same terms as the Apache WWW server.
Apache: The Definitive Guide, 2nd Edition
By Ben Laurie & Peter Laurie
Writing Apache Modules with Perl and C.
By Lincoln Stein & Doug MacEachern