Annotation of doc/build/loncapapasswordauthentication.html, revision 1.4
1.4 ! harris41 1: <html>
! 2: <head>
! 3: <title>LON-CAPA Password authentication</title>
! 4: </head>
! 5: <body>
! 6: <h1>LON-CAPA Password authentication</h1>
! 7: <p>
1.1 harris41 8: Scott Harrison
1.4 ! harris41 9: </p>
! 10: <p>
! 11: Last updated: 09/30/2001
! 12: </p>
! 13: <p>
1.1 harris41 14: This file describes issues associated with authenticating
15: passwords on a LON-CAPA system.
1.4 ! harris41 16: </p>
! 17: <p>
! 18: I am just now adding information on how to configure a LON-CAPA
! 19: system to work with shadow passwords.
! 20: </p>
! 21: <h3>Latest HOWTO</h3>
! 22: <p>
1.2 harris41 23: The following section of perl code illustrates the
24: different ways passwords can be evaluated.
1.4 ! harris41 25: </p>
! 26: <p>
! 27: <pre>
1.2 harris41 28: my ($howpwd,$contentpwd)=split(/:/,$realpasswd);
29: my $pwdcorrect=0;
30: if ($howpwd eq 'internal') {
31: $pwdcorrect=
32: (crypt($upass,$contentpwd) eq $contentpwd);
33: } elsif ($howpwd eq 'unix') {
34: $contentpwd=(getpwnam($uname))[1];
35: $pwdcorrect=
36: (crypt($upass,$contentpwd) eq $contentpwd);
37: } elsif ($howpwd eq 'krb4') {
38: $pwdcorrect=(
39: Authen::Krb4::get_pw_in_tkt($uname,"",
40: $contentpwd,'krbtgt',$contentpwd,1,
41: $upass) == 0);
42: }
43: if ($pwdcorrect) {
44: print $client "authorized\n";
45: } else {
46: print $client "non_authorized\n";
47: }
1.4 ! harris41 48: </pre>
! 49: </p>
! 50: <hr />
! 51: Making a LON-CAPA system work with shadow passwords (in five steps;
! 52: assuming that the linux system is configured for shadow passwords)
! 53: <pre>
! 54: 1. Get http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz
! 55:
! 56: 2. cd mod_auth_external/pwauth
! 57:
! 58: 3. alter the config.h file line to match the UID of www
! 59: #define SERVER_UIDS 500 /* user "www" */
! 60:
! 61: 4.
! 62: If you have a /etc/pam.d directory, you need to create a file named
! 63: "pwauth" inside it. To authenticate out of the Unix Shadow file
! 64: under Redhat 6.x, the /etc/pam.d/pwauth file should look something like
! 65: this:
! 66:
! 67: auth required /lib/security/pam_pwdb.so shadow nullok
! 68: auth required /lib/security/pam_nologin.so
! 69: account required /lib/security/pam_pwdb.so
! 70:
! 71:
! 72: 5. place pwauth in /usr/local/sbin/.
! 73:
! 74: </body>
! 75: </html>
1.2 harris41 76:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to loncapapasswordauthentication.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / doc / build