httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From linuxsupport <lin.supp...@gmail.com>
Subject Re: [users@httpd] WAMP SSO
Date Tue, 11 Sep 2012 07:58:28 GMT
try mod_auth_tkt

On Tue, Sep 11, 2012 at 11:46 AM, Satya Prakash Prasad <
satyaprakash.prasad@gmail.com> wrote:

> Thanks to all for the information and details as provided.
>
> I would try to explore the various options provided in the discussion.
> Kindly note that I need to implement it on WAMP as mentioned earlier
> (Windows, Apache, MySQL and PHP).
>
> The one option I may request upon is that does Apache itself does not
> provide modules / mechanism to implement SSO?
>
> Thanks in advance.
>
> Regards,
> Prakash
>
>
> On Mon, Sep 10, 2012 at 8:32 PM, Mark Montague <mark@catseye.org> wrote:
> > On September 10, 2012 10:03 , Nick Kew <nick@webthing.com> wrote:
> >>>>
> >>>> I need to implement SSO (Single Sign On) for a tool to be launched for
> >>>> people of our organization only.
> >>>
> >>> For true SSO solutions, look at
> >>
> >> Any strong reason to prefer those to worldwide initiatives
> >> such as OpenID/OpenAuth?
> >
> >
> > Mostly because I didn't think of them :)   But, now that you've asked:
> >
> > My understanding is that most of the following features offered by
> > cosign/PubCookie/CAS are not offered by OpenID/OpenAuth:
> >     * Centralized Single Log Out.
> >     * Per-site forced reauthentication (e.g., when user's IP address
> > changes, or when they access a particularly sensitive resource)
> >     * Per-site multi-factor authentication (including hardware tokens,
> X.509
> > client certificates, etc.)
> >     * Idle time outs (require reauthentication after, say, 2 hours of no
> > pages being requested).
> >     * Hard time outs (require reauthentication, say, every 24 hours or
> every
> > week, regardless of activity)
> >     * Credential proxying to back-end services (other web servers, IMAP,
> > LDAP, databases, etc.)
> >
> > Regardless of the above, OpenID/OpenAuth may be a fine choice for the
> > original poster, depending on his requirements, particularly if he sets
> up
> > his own OpenID provider rather than using an external provider such as
> > Google or Yahoo.
> >
> > --
> >   Mark Montague
> >   mark@catseye.org
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message