Comments on: Serving up authenticated static files https://grey-panther.net/2007/07/serving-up-authenticated-static-files.html Just another WordPress site Thu, 26 Jun 2008 05:03:19 +0000 hourly 1 https://wordpress.org/?v=6.5.2 By: Anonymous https://grey-panther.net/2007/07/serving-up-authenticated-static-files.html#comment-705 Thu, 26 Jun 2008 05:03:19 +0000 https://grey-panther.net/?p=841#comment-705 X-SendFile is probably also worth looking at, if you’re not on shared hosting, or can get it installed by your ISP.

http://blog.adaniels.nl/articles/how-i-php-x-sendfile/

]]> By: Anonymous https://grey-panther.net/2007/07/serving-up-authenticated-static-files.html#comment-774 Fri, 28 Sep 2007 16:30:35 +0000 https://grey-panther.net/?p=841#comment-774 Something similar to this method was already created, and used in TooMuchMedia’s “Sparta” authentication package, now defunct.

Working as an Apache module, it caches users in a local memcached daemon on the webserver, but rather than relying on user:pass@host references, which browsers now sometimes need to be tweaked to use, it used DNS wildcards.

So, if you setup bind for

$ORIGIN dom.com
subdom in A
$ORIGIN subdom.dom.com
* IN A ….

You’d authenticate, and it’d send a redirect to:

userhash+passhash.hosthash.subdom.dom.com, which was then looked up against the memcache daemon (falling back to SQL auth if miss).

This looked like a promising product, and something I’d love to use for different authentication methods; mod_auth_mysql is really archaic, and Apache 2.2’s auth_dbd still has quite a bit of work to go!

]]>