0

I have an Apache (2.2) server on one Linux (let's call it apacheOne). For various reasons we do not have (and do not want to have) Centrify for Apache installed (however Centrify itself is present and works). On the other Linux box (let's say apacheTwo) we have full installation of Centrify and also running Apache that uses Centrify.

Is it possible to redirect authentication requests from apacheOne to apacheTwo and then proceed on apacheOne as the user would be authenticated and authorized?

Regards,
Zbigniew

Zbigniew
  • 101
  • I smell a licence violation... – womble Jul 18 '11 at 13:23
  • To be clear: if it's violating any licence, of course I DO NOT want it. I just thought: if we have one corporate Apache and would like just to use authentication from other (intranet!) Apaches, then it's worth to ask and try - if possible. – Zbigniew Jul 18 '11 at 13:44

1 Answers1

2

Corey from Centrify here. The answer is basically yes. You can setup Apache1 as a reverse proxy (beyond the scope of my reply) and which will authn the user and send his identity and send the authenticated users (and any other specified user attributes) as HTTP headers to Apache2. You only need leverage these headers for your authn on Apache2 (again beyond the scope of my reply). I have done this in my environment for example to auth PeopleSoft users for example.

Doesn't violate any licenses, but remember though, if you have paid for Centrify on Apache on Apache1 and Apache2, there is a VERY nominal fee to upgrade Apache2 to use Centrify DirectControl for Applications. Might be less trouble than what is "beyond the scope of my reply." :)

Corey Williams
Director of Product Management
Centrify
corey.williams@[expected domain].com

Corey Williams
  • 21
  • 1