+There are three main topics when considering user passwords: +authentication, accessing the file system, and web-based access. +
++Authentication is covered in a separate document. I will briefly +mention that LON-CAPA supports different kinds of authentication +that can be customized for use within different institutional computing +environments. Authentication, whether it be related to web-based access, +or accessing the file system, is strictly the job of library servers, +not access servers. +
++Web-based access is initiated through a javascript encrypted protocol. +The server enables access to LON-CAPA from the client IP address until +the user logs out, or time expires without any action made by the user +on the web pages. Web-based access is something which is implemented +for the full range of users--from students to course administrators +to content developers. LON-CAPA relies upon the /home/httpd/lonUsers/ +directories to store information about password authentication for +the users of a given system. +
++Something which is not implemented for the full range of users, but +which is reserved for content developers, is file system access. +LON-CAPA provides for a wide range of file system access including +SSH, Samba (Windows Network Neighborhood), Appleshares, an FTP. +Three files are involved with coordinating file system access: +/etc/group, /etc/smbpasswd, and /etc/passwd. +
++Correctly handling the contents of /home/httpd/lonUsers directories, +and the /etc/group, /etc/smbpasswd, and /etc/passwd files is of +critical importance to ensure uninterrupted access to the LON-CAPA +network. +
++This document will be developed further.