httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Owen <owen.n...@gmail.com>
Subject Re: [users@httpd] authentication question
Date Mon, 11 May 2009 20:23:39 GMT
On Mon, May 11, 2009 at 1:01 PM, Ross Boylan <ross@biostat.ucsf.edu> wrote:
> On Mon, 2009-05-11 at 11:21 -0400, Nick Owen wrote:
>> On Sat, May 9, 2009 at 12:34 PM, Ross Boylan <ross@biostat.ucsf.edu> wrote:
>> > Suppose I have apache running in front of a web application and
>> > subversion.
>> >
>> > I am thinking of a scenario in which the web application provides a
>> > login page.  However, the user may also browse to web pages served by
>> > subversion.
>> >
>> > Is there a way that my app can have someone log in and then pass the
>> > identity and authentication "up" to appache?  In particular, I'd want
>> > this authentication used if the user browsed over to the subversion
>> > repository.
>> >
>> > I'm assume a common source, e.g., LDAP, will provide user and password
>> > information that is the same for my app and apache.
>> >
>> > A final wrinkle is that the application itself may access subversion via
>> > http:// (https?) using either the identity of the user or, perhaps, a
>> > separate identity the application runs under.
>>
>> Have you investigated single sign-on solutions such as CAS and OpenSSO?
>
> No.  That's certainly relevant, since the university is moving toward
> single sign on.  I'm not sure of the exact technology, but I believe
> it's from IBM.  However, how do I make Apache aware of the single sign
> on?
>
> We're probably going to need an alternative before the single sign on is
> working.  There are also a significant usability issues with the current
> single signon system (for those few areas its active).

Try mod-cas: http://mod-cas.sourceforge.net/.. haven't tested it
myself, but I have played with CAS and it's radius interface

-- 
-- 
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message