On Thu, 2009-07-16 at 10:52 -0400, John Almberg wrote:
> I am trying to build a set of web applications that are accessed  
> through a web portal that uses a Single Sign On (SSO) solution.  

Combine your SSO (LDAP mostly, Kerberos is a waking nightmare) with a
2FA/TFA (Second Factor Authentication) solution such as grid cards,
FOBs, or an OTP password list.

I recommend Entrust IdentityGuard.   Our pam_radius works fine with it,
and web application can run NSS functionality out of LDAP and PAM
functionality out of Entrust's SOAP-XML Authentication API. 


freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to