Re: Web Authentication

From: Nick Owen <nickowen@xxxxxxxxxxxxxx>
Date: Fri, 21 Jul 2006 12:54:04 -0400

pimp mastermind wrote:

I have Slackware 10.1 runing. I am using it as a router and
fileserver. I use Apache 1.3 for web access. I have some web
directories which i want to secure more strongly than with htpasswd
but i dont know any other ways of authentication. Also a lot of my
scripts in those directories are wirted in PHP Perl and CGI scripting.
I need to find a better way of authentication? Does any one knows any
better way of authentication?
Thank you all in advance for your help

You should be able to easily require different authentication mechanisms
by using the various mod_auth_ tools and the directory or location
directives. I just finished a doc on setting up apache to use
mod_auth_radius and WiKID for two-factor authentication, which should
help for any form of 2FA with apache:
http://www.wikidsystems.com/howtos/how-to-add-two-factor-authentication-to-apache/

I would be happy if you tried the open source WiKID server.
http://sourceforge.net/projects/wikid-twofactor/

You will find network client 'plugins' for PHP, ruby, python, etc on our
sf.net site here:
http://sourceforge.net/project/showfiles.php?group_id=144774 (sorry, no
perl as of yet).

hth,

nick

--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
https://www.linkedin.com/in/nickowen

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

References:
- Web Authentication
  - From: pimp mastermind

Prev by Date: RE: Executing app with admin privileges
Next by Date: Re: ADS Password Storage Protection
Previous by thread: Web Authentication
Next by thread: Re: Web Authentication
Index(es):
- Date
- Thread

Relevant Pages

Re: problem with AuthCookieName and Apache
... > I has a problem with my configuration of AuthCookieName and Apache, ... This is due to the stack-like module semantics in apache 1.3. ... As mod_auth_cookie fakes basic authentication information, ... Have you checked the cookie is actually available? ...
(Debian-User)
Re: Mod_python vs. application server like CherryPy?
... WSGI being portability it effectively ignores practically everything ... that Apache has to offer. ... WSGI auth middleware already supports more auth methods than apache2 itself. ... authentication mechanisms, both of which are in Apache by default. ...
(comp.lang.python)
Re: Authentication Caching
... Once the password is changed in active directory, AD will go by the current password for any application that queries AD for authentication. ... If you have the LDAP cache on the linux/Apache machine set for 600s, does it accept your new password after 10 minutes? ... You might need to post this question to an Apache or Linux list. ...
(microsoft.public.windows.server.general)
Re: Not being able to send mails through PHP using SMTP
... I am using Apache 1.3.33 as the web server and PHP version 4.3.10. ... Thus I am using external SMTP server. ... I would be VERY surprised if they don't require any authentication. ...
(comp.lang.php)
Re: .htaccess authentification problem
... automatic directory indexing. ... directory indexing and authentication with PHP at the same time? ... > your scripts untill Apache has done his authentication. ...
(php.general)