This Apache module allows authentication against a MySQL database via a
cryptographically secure cookie.
Features:
- Fake Basic Auth with cookies
- Cookie only consists of random session data, no username or password
- Can check expiry information stored in database against cookie
- Can check if the remote IP is equal to the IP stored in database
- Can be used for Single-Sign-On (SSO).
mod_auth_openid 是一个为 Apache 2 web 服务器提供的 OpenID 认证模块。它可以处
理 OpenID 2.0 规范中指定的 OpenID consumer 的功能。
mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It
validates authentication tickets provided by the client in a cookie using
public-key cryptography (DSA or RSA). Thus, only the login server that
generates the tickets needs to possess the private key, while Web servers
can verify tickets given only the public key. The implementation of the
login server is left to the user, but an example and a library in PHP are
provided with the distribution.
This module provides the mod_auth_basic authentication front-end a way to
authenticate users by checking credentials via the Cyrus SASL library.
This may be interesting for setups where other daemons (e.g. for SMTP, IMAP or
LDAP) already running at a machine use SASL to authenticate users.
Apache 2.2/2.4 connector for Atlassian Crowd to provide authentication and
authorization support using Basic Auth.
The Horde_Form package provides form rendering, validation, and other
functionality for the Horde Application Framework.
mod_backtrace is an experimental module for Apache httpd 2.x which
collects backtraces when a child process crashes. Currently it is
implemented only on Linux and FreeBSD, but other platforms could be
supported in the future.
Requirements: Apache httpd >= 2.0.49 must be built with the
--enable-exception-hook configure option and mod_so enabled.
Activating mod_backtrace:
1. Load it like any other DSO:
LoadModule backtrace_module modules/mod_backtrace.so
2. Enable exception hooks for modules like mod_backtrace:
EnableExceptionHook On
3. Choose where backtrace information should be written.
If you want backtraces from crashes to be reported some place other
than the error log, use the BacktraceLog directive to specify a
fully-qualified filename for the log to which backtraces will be
written. Note that the web server user id (e.g., "nobody") must
be able to create or append to this log file, as the log file is
mod_cfgldap can be used to keep VirtualHost configuration of the Apache web
server in a LDAP directory and to make changes visible in nearly realtime.
mod_chroot makes running Apache in a secure chroot environment easy.
You don't need to create a special directory hierarchy containing
/dev, /lib, /etc...
mod_chroot allows you to run Apache in a chroot jail with no additional files.
The chroot() system call is performed at the end of startup procedure - when
all libraries are loaded and log files open.
LibHTP is a security-aware parser for the HTTP protocol and the related bits
and pieces. The goals of the project, in the order of importance, are as
follows:
1. Completeness of coverage; LibHTP must be able to parse virtually all
traffic that is found in practice.
2. Permissive parsing; LibHTP must never fail to parse a stream that would
be parsed by some other web server.
3. Awareness of evasion techniques; LibHTP must be able to detect and
effectively deal with various evasion techniques, producing, where
practical, identical or practically identical results as the web
server processing the same traffic stream.
4. Performance; The performance must be adequate for the desired tasks.
Completeness and security are often detremental to performance. Our
idea of handling the conflicting requirements is to put the library
user in control, allowing him to choose the most desired library
characteristic.