Thanks for your quick reply… unfortunately I can't set a cookie. Another machine (different domain) is redirecting the user to this server (auth happens on that server) and this server is in effect acting as (one of several identically-configured) mirrors. However, it may be possible to redirect them to a location on the mirror that sets the cookie?
—Oliver On 4 January 2011 11:28, Mark Watts <m.wa...@eris.qinetiq.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/04/2011 11:19 AM, Oliver Beattie wrote: > > Hi there, > > > > I am sure this question has likely been asked many times before, I'm > > just having a bit of a hard time finding answers. > > > > Basically, I need to be able to authenticate downloads based on a URL > > signature if present (passed as a query parameter), instead of via Basic > > authentication (I need to support both of these, but bypass the basic > > auth if no signature is present). It isn't a requirement that they live > > at the same path, so they can be at different virtual hosts/directories > > if necessary. > > > > At first, I thought the best way to do this would be just through a > > simple CGI/WSGI/whatever, but the files I am authenticating access to > > are very large (many GB) and I fear there may be a performance > > implication of doing this (and things like Range requests won't be > > possible without extra work). > > > > Has anyone had any experience with this? What is the best way to > > proceed? Any help anyone could give would be very much appreciated :) > > > > —Oliver > > After authentication, set a cookie with a sensible lifetime (~1 day). > If the cookie is set and valid allow the download, otherwise redirect to > the login page. > > Mark. > > - -- > Mark Watts BSc RHCE > Senior Systems Engineer, MSS Secure Managed Hosting > www.QinetiQ.com > QinetiQ - Delivering customer-focused solutions > GPG Key: http://www.linux-corner.info/mwatts.gpg > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk0jBFUACgkQBn4EFUVUIO2+lACg25ZDyyLlcM5B6KYU+zB5k/6d > 23kAn0eWbv+M4Z9vpWWo9yD8TeJl5aiI > =sGQx > -----END PGP SIGNATURE----- >
