On 27 Jul 96 17:42:19 MET, dlincke_at_bandon.unisg.ch (David-Michael
Lincke) wrote:
>If that's the case and
>you are having users input usernames and passwords first anyway then you
>can secure the relevant directory subtree by using the http basic
>authentication mechanism. You will then get username and password
>information on every subsequent request in environment variables.
>Most state of the art web servers implement this
>through NDBM persistent hash tables nowadays. But some extensible servers
>that feature an API will allow you to use whatever you want as a source of
>authorization data. I just recently wrote an NSAPI module which does
>authentication via Oracle.
That's it! On the nose. We are using basic authentication via
Netscape but want the authentication to come from the Oracle server.
It's one thing to maintain appropriate authentication ID databases,
but when you have multiple work groups generating projects off of the
same data it makes more sense to us to allow the database security to
do its job. That way users don't have to have half a dozen IDs and
passwords scattered around on different systems.
So it sounds like you have already addressed this via NSAPI? Is that
the best way? I had hoped to find a routine already written somewhere
on the net. I can't believe Oracle wouldn't something to address
this.
