I created one in the EVE Private Web Master settings. HOWEVER, it appears this is for a directory on my server at infopop.

I wish to use a member only category/forum containing links to another provider for viewing mpg files in a related site.

any idea on what has to be in this file?

http://forums.accuratereloading.com/eve

Thanks.

Don

Private Web Directories only work on Infopop servers. You can use .htaccess files on any Apache web server, but there would be no (easy) way to authenticate them against an Eve user.

You could use the Simple Authentication API to write a script to secure those video files.

Steve, just sent you a PM.
Don

It would be nice to see groupee/PWD support authenticaiton from other servers.

Ex. Scripts that require a LOT of bandwith or in cases where LOTS of disk storage is needed for large files etc... It get's to expensive to host these types of needs at infopop. It would benefit your infopop customers by allowing them to offer more "aggresive" servicies that infopop may not want to host do to the demand they may create in the infopop enviroment in respect to server resources or calls to your call center. BUT it would certainly allow for a lot more THRIVE members if we could offer such services which benefits you and your customers.

It may even allow you to offer groupee/thrive as a standalone option to anyone hosting anywhere.

just a thought...not completly thought out.. but you get the idea... Don't you?

Its an interesting thought, but in order to get it to work we would need to figure out how to get stock apache to authenticate a cookied user with Eve... And honestly I dont think it can be done.

Especially not when the site is not using the same domain as eve and apache has no way of knowing if the person is even logged in.

Though if it could be done your right, it would definitely give a lot of value.

You would have to have an authetication module in the apache build on the non eve hosting place. Without a custom apache build, your right I don't think you could do it.

I'll keep thinking about it...

Yeah, that is how we have handled it thus far, and is why it requires to be ran on our machines...

It might be possible for us to publish our module, but that is not my decision.

Cheers,

Remeber that the simple Authentication API runs on *any* server and could be adapted to what you are looking for. It's only the PWD system using the modified Apache Auth itself must run on your Infopop server.

Michael is correct. Though I think that the desire is to use PWD so they can have Premium Groups control access. Which I dont beleive is something that can be done with Simple Auth.

You can use SimpleAuth for that, but you'd need to do the group lookups programatically.

"group lookups programatically" meaning sql query via perl or php? There is no API that returns an array of groups that the user belongs to?

quote:

---

Originally posted by theclam:
"group lookups programatically" meaning sql query via perl or php? There is no API that returns an array of groups that the user belongs to?

---

Correct. You would need to use SQL and do the queries yourself. SimpleAuth does not return group information, only their OID and display name.

You could of course write a class that is re-usable.

OK Here is my solution! (I think)

Using the script Michael refrences here.... http://community.infopop.net/eve/ubb.x/a/tpc/f/70710879033/m/99910156463/r/37910945763#37910945763

You create a redirect php script on the non-eve hosted server using the above auth script. That scripts checks if the user is valid and then will redirect them to the passed url. OR if the user is not vailid they will be prompted to log in!

The redirect script can make a group sql call to the eve database to check what groups they are in and then compare that to a table in mysql that lists the URL's and group combos that are valid...

http://xxx.xxxxx.com/redirect-w-auth.php?target=http://xxx.xxxxx.com/blah/blah.html

You would also need to setup an apache rewrite rule to block url requests that do not contain the redirect-w-auth.php script in the url...


Does that make ANY sense?

quote:

Originally posted by theclam:
OK Here is my solution! (I think)

Using the script Michael refrences here.... http://community.infopop.net/eve/ubb.x/a/tpc/f/70710879033/m/99910156463/r/37910945763#37910945763

You create a redirect php script on the non-eve hosted server using the above auth script. The script checks if the user is valid and then will redirect them to the passed url. OR if the user is not vailid they will be prompted to log in!

The redirect script can make a group sql call to the eve database to check what groups they are in and then compare that to a table in mysql that lists the URL's and group combos that are valid... (this assume Michael's script will write out a cookie for the domain that it is being run on)

http://xxx.xxxxx.com/redirect-w-auth.php?target=http://xxx.xxxxx.com/blah/blah.html

You would also need to setup an apache rewrite rule to block url requests that do not contain the redirect-w-auth.php script in the url...


Does that make ANY sense?