Apache Auth

Michael Torrie torriem at chem.byu.edu
Mon Dec 31 09:12:21 MST 2007

Erik R. Jensen wrote:
> Sounds to me like you are really looking for a single sign-on solution 
> (SSO).
> You may want to look at
> http://www.ja-sig.org/products/cas/
> and
> http://www.josso.org
> I think these would be a better solution than trying to reinvent the 
> wheel. I have been working with CAS and like it so far. It has clients 
> for Apache, Java, .NET, Perl, PHP etc. and you can always write your own 
> since it is open. It will authenticate against a number of sources and 
> you can also create your own custom authentication source. There are 
> always closed solutions too. I know Oracle, Sun, IBM and Novell all have 
> single sign-on solutions if you want to pay for one.

Not only is it a great solution, there is a mod_cas authentication 
module for Apache that will allow you to do apache-level authentication 
against it.  This makes it very easy to casify 3rd party apps that just 
use normal apache authentication (.htaccess), or no authentication at all.


More information about the PLUG mailing list