doc/build/loncapapasswordauthentication.html - view

Return to loncapapasswordauthentication.html CVS log

Up to [LON-CAPA] / doc / build

File: [LON-CAPA] / doc / build / Attic / loncapapasswordauthentication.html
Revision 1.4: download - view: text, annotated - select for diffs
Sun Sep 30 18:32:10 2001 UTC (22 years, 8 months ago) by harris41
Branches: MAIN
CVS tags: HEAD

adding in instructions for building pwauth

    1: <html>
    2: <head>
    3: <title>LON-CAPA Password authentication</title>
    4: </head>
    5: <body>
    6: <h1>LON-CAPA Password authentication</h1>
    7: <p>
    8: Scott Harrison
    9: </p>
   10: <p>
   11: Last updated: 09/30/2001
   12: </p>
   13: <p>
   14: This file describes issues associated with authenticating
   15: passwords on a LON-CAPA system.
   16: </p>
   17: <p>
   18: I am just now adding information on how to configure a LON-CAPA
   19: system to work with shadow passwords.
   20: </p>
   21: <h3>Latest HOWTO</h3>
   22: <p>
   23: The following section of perl code illustrates the
   24: different ways passwords can be evaluated.
   25: </p>
   26: <p>
   27: <pre>
   28:                           my ($howpwd,$contentpwd)=split(/:/,$realpasswd);
   29:                           my $pwdcorrect=0;
   30:                           if ($howpwd eq 'internal') {
   31: 			      $pwdcorrect=
   32: 				  (crypt($upass,$contentpwd) eq $contentpwd);
   33:                           } elsif ($howpwd eq 'unix') {
   34:                               $contentpwd=(getpwnam($uname))[1];
   35:                               $pwdcorrect=
   36:                                   (crypt($upass,$contentpwd) eq $contentpwd);
   37:                           } elsif ($howpwd eq 'krb4') {
   38:                               $pwdcorrect=(
   39:                                  Authen::Krb4::get_pw_in_tkt($uname,"",
   40:                                         $contentpwd,'krbtgt',$contentpwd,1,
   41: 							     $upass) == 0);
   42:                           }
   43:                           if ($pwdcorrect) {
   44:                              print $client "authorized\n";
   45:                           } else {
   46:                              print $client "non_authorized\n";
   47:                           }  
   48: </pre>
   49: </p>
   50: <hr />
   51: Making a LON-CAPA system work with shadow passwords (in five steps;
   52: assuming that the linux system is configured for shadow passwords)
   53: <pre>
   54: 1. Get http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz
   55: 
   56: 2. cd mod_auth_external/pwauth
   57: 
   58: 3. alter the config.h file line to match the UID of www
   59: #define SERVER_UIDS 500         /* user "www" */
   60: 
   61: 4.
   62:       If you have a /etc/pam.d directory, you need to create a file named
   63:       "pwauth" inside it.  To authenticate out of the Unix Shadow file
   64:       under Redhat 6.x, the /etc/pam.d/pwauth file should look something like
   65:       this:
   66: 
   67:         auth       required     /lib/security/pam_pwdb.so shadow nullok
   68:         auth       required     /lib/security/pam_nologin.so
   69:         account    required     /lib/security/pam_pwdb.so
   70: 
   71: 
   72: 5.  place pwauth in /usr/local/sbin/.
   73: 
   74: </body>
   75: </html>
   76:

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>