Currently I am looking into ajax to fetch data for an admin interface. This also should involve some level of security since you can’t identify who is viewing the data once a request is made. The only sure thing is that a remote address is making the request.
There are a number of things I can think of to secure this.
- Add a hashed security code that will somehow identify the user within a php session.
- Make sure the user is logged in with at least a basic authentication in apache or other webservers.
- Give admin users a client certificate that will grant them rights to the admin interface
Since I will have all kinds of levels option 3 might be a problem. If it would only involve the admin user him/herself I would go for the option.
Option 2 is not something I would like to consider but I still keep it in mind. I would be able to identify users in a more or less tested way.
Option 1 is the option I am considering. The real question is, what would I test against. Users might be behind a proxy, this is all common knowledge. But what if someone is natted behind a proxy and the person is on a shared ip together with other users….
The real option would be to find a combination of client side identity that is shared with server side identity. I must think about some way of getting the cms to identify public keys that users must somehow upload, without sharing it with all the www-data users that is…