[BACK]Return to loncapapasswordauthentication.html CVS log [TXT] [DIR] Up to [LON-CAPA] / doc / build

Diff for /doc/build/Attic/loncapapasswordauthentication.html between versions 1.3 and 1.6

version 1.3, 2001/02/15 15:58:38 version 1.6, 2002/02/27 00:19:47
Line 1 Line 1
 <HTML>  <html>
 <HEAD>  <head>
 <TITLE>LON-CAPA Password authentication</TITLE>  <title>LON-CAPA Password authentication</title>
 </HEAD>  </head>
 <BODY>  <body>
 <H1>LON-CAPA Password authentication</H1>  <h1>LON-CAPA Password authentication</h1>
 <P>  <p>
 Scott Harrison  Scott Harrison
 </P>  </p>
 <P>  <p>
 Last updated: 02/15/2001  Last updated: 09/30/2001
 </P>  </p>
 <P>  <p>
 This file describes issues associated with authenticating  This file describes issues associated with authenticating
 passwords on a LON-CAPA system.  passwords on a LON-CAPA system.
 </P>  </p>
 <H3>Latest HOWTO</H3>  <p>
 <P>  I am just now adding information on how to configure a LON-CAPA
   system to work with shadow passwords.
   </p>
   <h3>Latest HOWTO</h3>
   <p>
 The following section of perl code illustrates the  The following section of perl code illustrates the
 different ways passwords can be evaluated.  different ways passwords can be evaluated.
 </P>  </p>
 <P>  <p>
 <PRE>  <pre>
                           my ($howpwd,$contentpwd)=split(/:/,$realpasswd);                            my ($howpwd,$contentpwd)=split(/:/,$realpasswd);
                           my $pwdcorrect=0;                            my $pwdcorrect=0;
                           if ($howpwd eq 'internal') {                            if ($howpwd eq 'internal') {
Line 41  different ways passwords can be evaluate Line 45  different ways passwords can be evaluate
                           } else {                            } else {
                              print $client "non_authorized\n";                               print $client "non_authorized\n";
                           }                              }  
 </PRE>  </pre>
 </P>  </p>
 </BODY>  <hr />
 </HTML>  Making a LON-CAPA system work with shadow passwords (in five steps;
   assuming that the linux system is configured for shadow passwords)
   <pre>
   1. Login as user=sysadm.
   2. cd ~
   3. mkdir install
   4. cd install
   5. wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.15.tar.gz
   6. tar xzvf mod_auth_external-2.1.15.tar.gz
   7. cd mod_auth_external/pwauth
   8. alter the config.h file line to match the UID of www
   #define SERVER_UIDS 500         /* user "www" */
   9. make
   10. sudo emacs -nw /etc/pam.d/pwauth
         If you have a /etc/pam.d directory, you need to create a file named
         "pwauth" inside it.  To authenticate out of the Unix Shadow file
         under Redhat 6.x, the /etc/pam.d/pwauth file should look something like
         this:
   
           auth       required     /lib/security/pam_pwdb.so shadow nullok
           auth       required     /lib/security/pam_nologin.so
           account    required     /lib/security/pam_pwdb.so
   11.
   Place ~/mod_auth_external/pwauth/pwauth in /usr/local/sbin/ with
   setuid permissions.
   sudo cp /home/sysadm/install/mod_auth_external/pwauth/pwauth /usr/local/sbin/.
   sudo chmod 6755 /usr/local/sbin/pwauth
   </pre>
   </body>
   </html>
   
Removed from v.1.3  
changed lines
  Added in v.1.6

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>