[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-developers] Re: Apache authentication
- Subject: [cobalt-developers] Re: Apache authentication
- From: Bruce Timberlake <bruce@xxxxxxxxxx>
- Date: Mon Jan 26 16:35:02 2004
- Organization: BRTNet.org
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
I've converted a Raq4 over to Debian stable, and I'm trying to get it up
to the functionality I had with straight Cobalt. Almost there, just two
features left: WebDAV and Majordomo. Majordomo is a subject for another
question, so at the moment I'm going to concentrate on WebDAV.
I've got WebDAV (Apache 1.3.x, mod_dav) going using AuthType Digest, but
the configuration uses .htaccess files which I'm sure weren't needed in
Cobalt's version. There's also the AuthDB stuff which sounds more
familiar, but it still all looks a bit manual to me.
Question is then, are people aware of any means of either getting Apache
to authenticate directly off /etc/passwd? The trouble with doing it
manually is a) I have to do it myself and can't automate it on site
creation and b) I can't guarantee that the passwords are going to be the
same between /etc/passwd and .htaccess.
http://www.cobaltfaqs.com/wiki/index.php/PasswordProtectingDirectories
Look in the "Using PAM" section at the bottom. Please note the security
issue with doing this:
Unless you have SSL encryption in place, the users'
passwords in this method will be sent basically in
clear text. Thus this method IS NOT RECOMMENDED, and
is listed here for information purposes only.