party-fred wrote: > Is ist a good idea to implement http authentification against a linux > account and how can i do it with TurboGears?
Just imagine you forgot countermeasures against brute-force attempts to crack one of your accounts... Don't forget about HTTPS, as Daniel Fetchinson mentioned. > If you ask me i would prefer the more common way, with user accounts > stored in the database of the TurboGear Web App. But the requirement > of a project, i am working, is to make authentification against linux > accounts. so this seems to be tricky, isn't it? If it is about a quick solution use Apache as proxy and try mod_auth_pam. Don't forget to set identity.source="...,http_auth,..." In this case, take a look at pam_abl and friends. [1] -- W-Mark Kubacki [1] http://hexten.net/wiki/index.php/Pam_abl
smime.p7s
Description: S/MIME Cryptographic Signature
