Re: User credential passing standard

Tue, 20 Apr 1999 04:45:01 -0700 

Dear All,

> You didn't mention if the servers are in the same Domain.  If they are then
> using a combination of Domain cookies and a common authentication server to
> your servers would probably do the trick.

I hope this is not too far off the subject of a *STANDARD*...
at least it is coming from the working end of the matter.

I am about to extend mod_auth_cookie for apache to use encrypted cookies for one 
domain only.
We already use kerberos authentication so mod_auth_cookie_crypt (whatever) will work 
with it.
Trouble is, I don't even understand apache configuration (*YET*).
I would also like to support the progress of apache.
If I can write the module to conform to any likely standard, I will.
I am also going to have a look at using PGP (which I will have a learning curve with 
too).

Can *ANYONE* help me with good URLs to look at or *ANY* information at all?

Fanx a bunch.
ANIL.
[EMAIL PROTECTED]
________________________________________________________________________________
Neil (Anil) Gulati
[EMAIL PROTECTED]

Unix Systems
Information Technology Directorate
Southern Cross University
Northern Rivers NSW Australia
________________________________________________________________________________

Date: Thu, 15 Apr 1999 11:35:44 -0400 (EDT)
From: "Kevin J. Dyer" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: user credential passing standard
Message-id: <[EMAIL PROTECTED]>
Content-type: text/plain; charset=us-ascii
MIME-Version: 1.0

Tom,

  You didn't mention if the servers are in the same Domain.  If they are then
using a combination of Domain cookies and a common authentication server to
your
servers would probably do the trick.  Digest authentication is better but
as people have already stated, it ain't there yet.  Are you worried about
session timouts, single signon, access control and simplified administration?
You might want to look at a commercial SSO system for web servers.

                                                Just another voice,

                                                Kevin

On Apr 14,  2:42pm, [EMAIL PROTECTED] wrote:
> Subject: user credential passing standard
> Is there a standard way to pass user credentials from one web server/proxy
> to another web server/proxy? Like encrypted cookies or something.
>
> -Tom
>
>-- End of excerpt from [EMAIL PROTECTED]



--
=====================================================================
Kevin J. Dyer                                Draper Laboratory  MS 35
Email: <[EMAIL PROTECTED]>                    555 Tech. Sq.
Phone: 617-258-4962                          Cambridge, MA 02139
FAX: 617-258-2061

Reply via email to