Apache Auth

Michael Torrie torriem at chem.byu.edu
Mon Dec 31 09:12:21 MST 2007


Erik R. Jensen wrote:
> Sounds to me like you are really looking for a single sign-on solution 
> (SSO).
> 
> You may want to look at
> 
> http://www.ja-sig.org/products/cas/
> 
> and
> 
> http://www.josso.org
> 
> I think these would be a better solution than trying to reinvent the 
> wheel. I have been working with CAS and like it so far. It has clients 
> for Apache, Java, .NET, Perl, PHP etc. and you can always write your own 
> since it is open. It will authenticate against a number of sources and 
> you can also create your own custom authentication source. There are 
> always closed solutions too. I know Oracle, Sun, IBM and Novell all have 
> single sign-on solutions if you want to pay for one.

Not only is it a great solution, there is a mod_cas authentication 
module for Apache that will allow you to do apache-level authentication 
against it.  This makes it very easy to casify 3rd party apps that just 
use normal apache authentication (.htaccess), or no authentication at all.

> 




More information about the PLUG mailing list