[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mod_auth_mysql

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: mod_auth_mysql
From: Chuck Yerkes <chuck+obsd_(_at_)_2004_(_dot_)_snew_(_dot_)_com>
Date: Tue, 17 Aug 2004 10:58:54 -0700

Quoting Martin Niki (niki1_(_at_)_welho_(_dot_)_com):
...
> And one final question, is there any kind of central authentication ?
> I'm using sftp, www,  ssh, php, mysql, pop3s, imap4s and webmail so it would
> be a _lot_ easier to have one central place for user info, rights, passwords
> and public keys, to authenticate them. Any info, product names, links to
> related articles, etc would be greatly appreciated. Also if it worked for
> console as well, it would be nice, however console and ssh are not mandatory,
> I could keep those separate and it wouldn't increase the workload too much.

You mean one machine with auth in one place?  Radius and NIS could work.

I deal with several machines and NIS could work.  Kerberos can work,
but web kerberos done properly is rare (get a ticket from the person's
web browser) and a password can be done badly (http vs. https).

You have other information.  Things that might go into a, ahem, 
DIRECTORY that's served over a network.  You might look at a
Directory Access Protocol.  X500 was a theory foisted on us, but
never really took off (never really worked) - to big and bloated.
You'd want a Lightweight Directory Access Protocol for multiple
machines/architectures/bits of info.  Lets call it LDAP.

Prev by Date: [e-daf-info] Nr. 7-8/2004: Wer wird Kulturhauptstadt?
Next by Date: Re: more bgpd weirdness
Previous by thread: Re: mod_auth_mysql
Next by thread: Re: mod_auth_mysql
Index(es):
- Date
- Thread

Visit your host, monkey.org