UPDATE: mod_gacl is now distributed with GridFactory
Ever wanted to:
- use Apache as a secure file server,
- use X.509 certificates for authenticating both server and client,
- control who can put and get files in each directory?
Well, then go right ahead and download mod_gacl.
Installation: Follow the instructions in the README file. Since an Apache module is tied to a specific version of Apache, you have to compile mod_gacl yourself. mod_gacl should compile easily on any modern Linux distro.
Usage: mod_gacl is an Apache-2 module for authentication and authorization of both client and server via X.509 certificates on a per-directory basis. In each directory a GACL file, “.gacl”, controls who can read and write files.
The module should be used together with mod_dav and mod_ssl (part of a standard Apache installation). With these three modules you will have a file server on which you can set directory permissions via GACL.
Notes: GACL is an XML language for controlling access to files and directories. For more information on GACL, see e.g. GridSite or the
GACL Mini HOWTO of NorduGrid.
Notice: mod_gacl does rely on any grid security libraries or any specific version of OpenSSL. In fact mod_gacl only relies on OpenSSL in so far as it gets certificate information from mod_ssl.
Caveats: This is my first Apache module; use it at your own risk; please report any problems and feel free to fix and modify.