If you have taken a look at Apache 2.2 lately, you have probably noticed the addition of a number of new authentication modules. In reality the number of authentication methods hasn't changed, the modules have just been rearchitected to provide much more power and flexibility. What used to be a single authentication module in Apache 2.0 has been broken down into authentication types, providers and authorization methods in Apache 2.2. Now rather than being stuck with a single authentication module, you can mix and match the type of authentication with various providers and authorization methods. Recently authorization also went through a restructuring into a provider based architecture as well. As part of the restructuring, AND/OR logic was added to give authorization rules much more power and flexibility. With this new provider based architecture, Apache authentication and authorization can be configured and applied in ways that were previously not possible. This presentation will show you what you need to know about the new authentication module architecture in Apache 2.2 and give you a peek into the new authorization architecture in the future.
Categories: Apache HTTP Server,New Technologies,Security