136662 – ebuild for mod_auth_cookie_mysql2

Bug 136662 - ebuild for mod_auth_cookie_mysql2

Summary: ebuild for mod_auth_cookie_mysql2

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Other

Importance:	High enhancement (vote)
Assignee:	Default Assignee for New Packages

URL:
Whiteboard:
Keywords:	EBUILD

Depends on:
Blocks:

Reported:	2006-06-13 08:12 UTC by Richard Fleming
Modified:	2006-06-13 09:34 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
ebuild for mod_auth_cookie_mysql2 (mod_auth_cookie_mysql2-0.7.ebuild,1.26 KB, text/plain) 2006-06-13 08:15 UTC, Richard Fleming	Details
config file (55_mod_auth_cookie_mysql2.conf,3.72 KB, text/plain) 2006-06-13 08:18 UTC, Richard Fleming	Details
config file for mod_auth_cookie_mysql2 (55_mod_auth_cookie_mysql2.conf,3.73 KB, text/plain) 2006-06-13 08:57 UTC, Richard Fleming	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Richard Fleming 2006-06-13 08:12:39 UTC

Greetings!

Please find attached mod_auth_cookie_mysql2-0.7.ebuild and 55_mod_auth_cookie_mysql2.conf for submission into portage.

With mod_auth_cookie_mysql2 you can authorize your users with cookies. An external script sets the cookie and this module checks it against a MySQL database. The username/password combination is only one time transferred to the webserver when the external authenticator script (which sets the cookie) checks the user data. The generated cookie consists only of random session data. So you can, for example, authenticate the user and set the cookie in a ssl connection and then use the cookie in a non-ssl environment and nobody can spy the username/password. Since the cookie is only random session data nobody can "hack" the system by manipulating the cookie values. Additionally you can add checks for session expiry and the correct remote ip on the server side.

I suggest placing this ebuild in www-apache since it's an Apache module.

This package depends on MySQL and Apache2

Comment 1 Richard Fleming 2006-06-13 08:15:58 UTC

Created attachment 89046 [details]
ebuild for mod_auth_cookie_mysql2

the ebuild

Comment 2 Richard Fleming 2006-06-13 08:18:15 UTC

Created attachment 89048 [details]
config file

Comment 3 Richard Fleming 2006-06-13 08:57:25 UTC

Created attachment 89053 [details]
config file for mod_auth_cookie_mysql2

the config file

Comment 4 Luca Longinotti (RETIRED) gentoo-dev

2006-06-13 09:34:20 UTC

The ebuild was added to CVS as www-apache/mod_auth_cookie_mysql2, it should show up on the rsync mirrors in a few hours.
I cleaned the ebuild up a bit by deleting the src_install part, as it's not needed (config files get chmod 0644 by default if you do nothing), and added apache-pkg_postinst to pkg_postinst() so that it outputs also the other, normal warnings and messages.
The config file also needed the directives to be wrapped inside a <Directory ""></Directory> block, which I did, commented out and added a comment about how it's needed for it to work and how to use it.
Thanks for the ebuild and config!
Best regards, CHTEKK.