Even if you manage to find an apache module that has sha-2 implemented, you still need to fetch and integrate the salt. The solution will have to include Drupal somehow, since Drupal is the only one who really knows how to authenticate against its database.
I am not aware of any maintained module that does what you want, but it would be really easy to implement in a module.
Pseudocode that illustrates how simple this is in Drupal:
/**
* Implements hook_menu().
*/
function mystatic_menu() {
$items['mystatic'] = array(
'title' => 'Blogs',
'page callback' => 'mystatic_serve',
'access arguments' => array('access content'), # Or check against other permissions.
'type' => MENU_CALLBACK,
);
return $items;
}
function mystatic_serve($filename = '') {
if (empty($filename)) {
return _mystatic_directory_index(); #String will be printed as $content inside Drupals page.tpl.php template.
}
elseif(_mystatic_is_valid_file($filename)) {
print _mystatic_serve_file($filename);
drupal_exit(); #String will be sent to user without going trough Drupals theme layer.
}
else {
drupal_not_found();
}
return $html;
}
The function _mystatic_directory_index() would generate a list of files, or the index of the static system. To be served inside Drupals theme when people access /mystatic.
The function _mystatic_is_valid_file() would sanitize the filename (to avoid serving e.g. ../../etc/password. There are many tutorials out there for this. It would obviously also check if the file $filename actually exits. Will be served if people open urls such as /mystatic/example.html. Note that /mystatic/somedir/example.html will not work; Drupal splits on / and passes that as separate arguments.
The function _mystatic_serve_file() would simply read $filename from the disk and stream (print) it to the user.
