nowen at wikidsystems
May 13, 2008, 6:42 AM
Post #3 of 3
(71 views)
Permalink
|
On Mon, May 12, 2008 at 12:44 PM, Travis Sidelinger
<travis[at]ilive4code.net> wrote:
> Any know an easy method to provide 2-factor authentication in Apache?
>
> I'd like to require both a group name+password and a user name+password.
> (or simply just two user accounts)
>
> I think this could be implemented via mod_proxy, or by writing a CGI
> program to handle all the authentication. Thou, I'm curious if others have
> done this.
>
> -Travis
Travis:
My recommendation is to use radius via mod_auth_xradius or similar.
In general, using radius for authentication (which is what is designed
for) will better in the long run. You can then use a radius server
in the middle that proxies credentials to your two-factor
authentication server. Or you can send the credentials straight from
Apache to the 2FA server. We have documentation on the latter here:
http://www.wikidsystems.com/documentation/howtos/two-factor-authentication-for-apache-2-2-or-higher
I'm a bit confused by the question though. Do you want two-factor?
Knowledge of a group name and password and knowlegde of a username and
password is not two-factors. It is just more of one factor.
Two-factor would be knowledge of something and possession of something
such as a certificate, software token, hardware token, etc.
HTH,
Nick
--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe[at]httpd.apache.org
" from the digest: users-digest-unsubscribe[at]httpd.apache.org
For additional commands, e-mail: users-help[at]httpd.apache.org
|
