And here is a post about this topic. <a href="http://www.libing.name/2008/11/23/nginx-application-access.html">http://www.libing.name/2008/11/23/nginx-application-access.html</a><br>I'm sorry, it is in Chinese. But I think the script at this page will helpful for you. <br>
<br><div class="gmail_quote">2009/3/12 ÕÅÁ¢±ù <span dir="ltr"><<a href="mailto:zhang.libing@gmail.com">zhang.libing@gmail.com</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi,Huy Phan.<br><br> Wow, we did the same job. <img goomoji="360" style="margin: 0pt 0.2ex; vertical-align: middle;" src="cid:360@goomoji.gmail"><div class="im"><br><br><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">
2. When the request is valid (the token is exist), it returns 404, and then<br>
internal redirect to the 'real' place => If someone knows the url of real place,<br>
he can access without any authentication.<br></blockquote> <br></div>Yes, I hook the http status 404, and redirect to the 'real' place at the backend. BUT this place must be placed at intranet or the same server, just like 127.0.0.1.And that is the trust environment. ^_^<br>
<br>I have placed a simple conf at this page.(<a href="http://www.libing.name/2009/03/11/nginx-token-module.html" target="_blank">http://www.libing.name/2009/03/11/nginx-token-module.html</a>).<div class="im"><br><br><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">
<a href="http://thread.gmane.org/gmane.comp.web.nginx.english/10008" target="_blank">http://thread.gmane.org/gmane.comp.web.nginx.english/10008</a><br><a href="http://thread.gmane.org/gmane.comp.web.nginx.english/10379" target="_blank">http://thread.gmane.org/gmane.comp.web.nginx.english/10379</a><br>
</blockquote>
<br></div>I have checked those two posts.It seems you want a module to do the access check job for media files.(/v/empty.flv?token=1234).<br>And I think there is no need memcached to store the check token. Maybe you can work with <a href="http://www.nginx-community.org/NginxHttpAccessKeyModule" target="_blank">http access key module</a><br>
and <a href="http://hg.mperillo.ath.cx/nginx/mod_parsed_vars" target="_blank">mod_parsed_vars </a>to generate dynamic token with COOKIE/GET/POST vars. Just like sessionid.And that is betteeeer than work with memcached.<div>
<div></div><div class="h5"><br><br><div class="gmail_quote">
On Thu, Mar 12, 2009 at 8:17 PM, Huy Phan <span dir="ltr"><<a href="mailto:dachuy@gmail.com" target="_blank">dachuy@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>ÕÅÁ¢±ù <zhang.libing@...> writes:<br>
<br>
><br>
><br>
> Digest Authentication?<br>
> <br>
> I have Implemented a simple token module, used for http authentication with<br>
backend memcached. Maybe that is helpful for you.<br>
><br>
<br>
</div>Hi zhang,<br>
really interesting to see your modules, the idea is exactly what im trying to do<br>
these 2 weeks.<br>
What I see after checking your code is that :<br>
1. If the token is invalid : return 403, otherwise 404.<br>
2. When the request is valid (the token is exist), it returns 404, and then<br>
internal redirect to the 'real' place => If someone knows the url of real place,<br>
he can access without any authentication.<br>
<br>
I had develop a module similar like that ( in fact I see that we have 80% same<br>
code ), but the process is a little different. Can you take a look at these<br>
threads and we can work on it together :)<br>
<br>
<a href="http://thread.gmane.org/gmane.comp.web.nginx.english/10008" target="_blank">http://thread.gmane.org/gmane.comp.web.nginx.english/10008</a><br>
<a href="http://thread.gmane.org/gmane.comp.web.nginx.english/10379" target="_blank">http://thread.gmane.org/gmane.comp.web.nginx.english/10379</a><br>
<br>
<br>
<br>
<br>
<br>
<br>
</blockquote></div><br><br clear="all"><br></div></div><div><div></div><div class="h5">-- <br>The time you enjoy wasting is not wasted time!<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>The time you enjoy wasting is not wasted time!<br>