mod_auth_webmod_auth_web is a module for authenticating users against a
web URL, such as the login form for a remote web site. It is useful for
authenticating users against a service that provides web access, but no
programmatic means (such as an API) for authentication.
The most current version of mod_auth_web can be found at:
http://horde.net/~jwm/software/mod_auth_web/mod_auth_web.c
Please contact John Morrissey <jwm at horde.net> with any questions, concerns, or suggestions regarding this module.
This sample configuration illustrates authentication against
Yahoo!. Users must log in via FTP as
yahoousername@yahoo.com and will have the UID, GID, and home
directory of the user named example.
AuthWebUserRegex @yahoo.com$
AuthWebURL https://login.yahoo.com/config/login?
AuthWebUsernameParamName login
AuthWebPasswordParamName passwd
AuthWebLocalUser example
AuthWebLoginFailedString "Invalid ID or password."
AuthWebRequireHeader "HTTP/1.1 302 Found"
AuthWebRequireHeader "Location: https://login.yahoo.com/config/verify?.done=https%3a//my.secure.yahoo.com"
Syntax: AuthWebUserRegex regex
Default: .*
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_web
Compatibility: 1.0 and later
This directive configures which usernames should be processed by
mod_auth_web. The regex parameter is a standard (not
extended) regular expression. If a username matches this regular expression,
it will be processed; otherwise, the login request will be ignored by
mod_auth_web and other ProFTPD modules will be allowed to
process it.
Syntax: AuthWebURL url
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_web
Compatibility: 1.0 and later
This directive configures the URL to POST to when
authenticating users. AuthWebURL can be configured on a per-
<VirtualHost> basis, so that virtual FTP servers can use
different URLs to authenticate against different services or to pass URL
parameters identifying the <VirtualHost>.
Syntax: AuthWebUsernameParamName queryparam
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_web
Compatibility: 1.0 and later
This directive configures the parameter name to use for the username when
submitting POST requests to AuthWebURL.
See also: AuthWebPasswordParamName
Syntax: AuthWebPasswordParamName path
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_web
Compatibility: 1.0 and later
This directive configures the parameter name to use for the password when
submitting POST requests to AuthWebURL.
See also: AuthWebUsernameParamName
Syntax: AuthWebLocalUser username
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_web
Compatibility: 1.0 and later
This directive configures the local username to use for all users
authenticated by mod_auth_web. All users must have certain
information, such as user ID (UID), group ID, and home directory, in order
to log in. Since web-based authentication provides no way to retrieve this
information, users authenticated by mod_auth_web are given the
user information for username. The username will remain the same as
the user entered it when logging in, but all other account information (UID,
GID, home directory, etc.) will be based on this local user.
Syntax: AuthWebLoginFailedString string
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_web
Compatibility: 1.0 and later
This directive configures a string that the remote web server sends to
indicate authentication failure. If the remote web server's response body
contains string, authentication will be rejected. Only one
AuthWebLoginFailedString may be configured.
See also: AuthWebRequireHeader
Syntax: AuthWebRequireHeader header
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_web
Compatibility: 1.0 and later
This directive configures a HTTP header that must be present for
authentication to succeed. Multiple AuthWebRequireHeader
directives may be used, and all configured headers must be present in the
web server's response for authentication to succeed.
See also: AuthWebLoginFailedString
To install mod_auth_web, copy the mod_auth_web.c
file into:
proftpd-dir/contrib/
Then follow the usual steps for using third-party modules with ProFTPD:
./configure --with-modules=mod_auth_web
make
make install