| View previous topic :: View next topic |
| Author |
Message |
trossachs
Veteran
Joined: 22 Jan 2004
Posts: 1204
Location: London
|
 Posted: Fri Oct 21, 2005 10:59 am Post subject: Howto for Apache to authenticate users |
 |
|
| Does anyone know of any URL's available which govern the authentication of users using Apache and/or something like ldap? Any known howto's or URLS would be appreciated so that I can pass them on. |
|
| Back to top |
|
 |
smerf
l33t
Joined: 06 Nov 2004
Posts: 778
Location: Polska
|
|
| Back to top |
|
|
trossachs
Veteran
Joined: 22 Jan 2004
Posts: 1204
Location: London
|
| Posted: Fri Oct 21, 2005 10:24 pm Post subject: |
|
|
| Thanks for this smerf. And one other question, is it possible to purchase a "bolt on" authentication package that would fit onto Apache/php or is it better to go along the mod_auth_ldap method? |
|
| Back to top |
|
|
smerf
l33t
Joined: 06 Nov 2004
Posts: 778
Location: Polska
|
| Posted: Fri Oct 21, 2005 10:37 pm Post subject: |
|
|
| JulesF wrote: | | Thanks for this smerf. And one other question, is it possible to purchase a "bolt on" authentication package that would fit onto Apache/php or is it better to go along the mod_auth_ldap method? |
there are several methods of authenticating users, each has its own advantages and weaknesses... mod_auth_ldap is not the only solution available, remember, that PHP has built-in LDAP protocol support (www.php.net/ldap), you can even write CGI script in perl or python - each of these languages has LDAP modules available. mod_auth_ldap was just an example (it seems to me, that you don't like Google...).
try to be more specific when describing your problem ('something like ldap'??)... what exactly do you need?
_________________
Microsoft is not the answer, Microsoft is the question, the answer is no. |
|
| Back to top |
|
|
trossachs
Veteran
Joined: 22 Jan 2004
Posts: 1204
Location: London
|
| Posted: Sat Dec 10, 2005 9:51 am Post subject: |
|
|
Apologies for the delay in writing back smerf.
Ldap is a centralized authentication package, if I adopt this into my system, then I guess I can have everyone use it for everything: domain login credentials, websites, Postfix, all sorts. I just need some ideas around Ldap thrown at me and how I can best adopt this into my enterprise so I can make a decision. |
|
| Back to top |
|
|
smerf
l33t
Joined: 06 Nov 2004
Posts: 778
Location: Polska
|
| Posted: Sat Dec 10, 2005 11:50 am Post subject: |
|
|
No problem, LDAP is more than just authentication package, you can use it as a generic database optimized for reading - quite fast and secure. I'm using it because I hate NIS and similiar solutions but have to somehow authenticate users in small network. I've just followed Gentoo LDAP authentication HowTo (general concept) and continue using PAM as authentication service. The only difference is that PAM is not using /etc/passwd and friends for regular users (people) but contacts LDAP server.
| Quote: | | I guess I can have everyone use it for everything: domain login credentials, websites, Postfix, all sorts. |
yes, you can keep any information inside LDAP, but you have to carefully plan your LDAP structure - it depends on your company/organisation needs. First of all you have to ask yourself what services do you want to integrate with LDAP and search the web for examples (there many howtos and description of SSO with LDAP and similiar setups). Then try to put this together... Personally I don't have experience with more complicated configurations than described above.
_________________
Microsoft is not the answer, Microsoft is the question, the answer is no. |
|
| Back to top |
|
|
trossachs
Veteran
Joined: 22 Jan 2004
Posts: 1204
Location: London
|
| Posted: Sat Feb 04, 2006 9:49 am Post subject: |
|
|
| I will have to adopt a softly softly approach. I guess I cannot run both systems concurrently until I am satisfied, no? |
|
| Back to top |
|
|
|
Networking & Security
