I have a customer who requires BASIC authentication for their site. They have a fair amount of traffic as well as a very quickly growing userbase. They were on mod_auth_mysql before, but with hundreds of apache children that is not very practical.
I suggested a change to a signed-session-cookie type system, but they would not go for that because apparently a disproportionate number of their end-users disable cookies in their web browser. Stupid media privacy paranoia. The userbase is presently around 100K and growing 5K/day or so. They were having things go so slowly that users could not login. In the short term we replaced mod_auth_mysql with an apache module I whipped up to send requests out via UDP to a specified host/port, and wait for a reply (with a 3 second timeout). Then I hacked out a quick Perl program to handle those requests, hit mysql for actual user/password info, and to cache the user information in ram for the duration of the daemon's lifetime. Obviously this won't work forever without a serious change to my caching strategy, but before I put more work into this mechanism, what do other folks on the list do for high-traffic, large-userbase BASIC authen? I know it's a poor limitation but *shrug* the customer knows their needs. I figured DBM would be sluggish, and the customer already tried text files, but moved to mod_auth_mysql when that ran out of steam. Your Input Is Appreciated. -- Jeff S Wheeler [EMAIL PROTECTED] Software Development Five Elements, Inc http://www.five-elements.com/~jsw/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
