Модуль Apache auth_tkt создает куки аутентификации, которые могут быть проверены криптографически, поэтому веб-сервер может генерировать REMOTE_USER без обращения к базе данных. Какая спецификация для auth_tkt куки?
auth_tkt
REMOTE_USER
Из README внутри http://www.openfusion.com.au/labs/dist/mod_auth_tkt/mod_auth_tkt-2.1.0.tar.gz
Cookie Format The TKTAuthCookieName cookie is constructed using following algorithm:` ('+' is concatenation operation) cookie := digest + hextimestamp + user_id + '!' + user_data or if using tokens: cookie := digest + hextimestamp + user_id + '!' + token_list + '!' + user_data digest := MD5(digest0 + key) digest0 := MD5(iptstamp + key + user_id + '\0' + token_list + '\0' + user_data) iptstamp is a 8 bytes long byte array, bytes 0-3 are filled with client's IP address as a binary number in network byte order, bytes 4-7 are filled with timestamp as a binary number in network byte order. hextimestamp is 8 character long hexadecimal number expressing timestamp used in iptstamp. token_list is an optional comma-separated list of access tokens for this user. This list is checked if TKTAuthToken is set for a particular area. user_data is optional