apache sessions with basic authentication and one login per user
$30-250 USD
Awarded
Posted over 11 years ago
$30-250 USD
Paid on delivery
I need some help on my apache webserver. I currently have it setup for basic user authentication on the whole site. I also have set up a reverse proxy on a few urls. I am looking to set up some method to prevent the same username from logging in at the same time. I do not wish to use cookies or anything stored on the persons computer. If the same username wishes to login in, then my webserver should disconnect the first user session and allow the new user session. The one catch is I am looking to do this on a proxied url, so there is no physical html page to write code on. It would need to be done from the sites available or [login to view URL] and can be done sitewide.
The user currently logs in by passing username and pass in the url, and i would like to keep that method. I would also like to disconnect any session that is beyond a certain length of time, say 6 hours. this is on ubuntu.
I got your project by one site running on one server Apache. The Apache is configured to authenticate a user that tries to access some protected URLs. You need to restrict the user having more than um session simultaneosly.
I will use modsecurity to solve your problem.
I'm and Ethical Hacking from Brazil that has background with Apache and ModSecurity.