Diff for /doc/build/Attic/loncapapasswordauthentication.html between versions 1.1 and 1.5

version 1.1, 2001/02/10 17:07:47 version 1.5, 2001/09/30 18:33:08
Line 1 Line 1
 <HTML>  <html>
 <HEAD>  <head>
 <TITLE>LON-CAPA Password authentication</TITLE>  <title>LON-CAPA Password authentication</title>
 </HEAD>  </head>
 <BODY>  <body>
 <H1>LON-CAPA Password authentication</H1>  <h1>LON-CAPA Password authentication</h1>
 <P>  <p>
 Scott Harrison  Scott Harrison
 </P>  </p>
 <P>  <p>
 Last updated: 02/10/2001  Last updated: 09/30/2001
 </P>  </p>
 <P>  <p>
 This file describes issues associated with authenticating  This file describes issues associated with authenticating
 passwords on a LON-CAPA system.  passwords on a LON-CAPA system.
 </P>  </p>
 <H3>Latest HOWTO</H3>  <p>
 <P>  I am just now adding information on how to configure a LON-CAPA
 </P>  system to work with shadow passwords.
 </BODY>  </p>
 </HTML>  <h3>Latest HOWTO</h3>
   <p>
   The following section of perl code illustrates the
   different ways passwords can be evaluated.
   </p>
   <p>
   <pre>
                             my ($howpwd,$contentpwd)=split(/:/,$realpasswd);
                             my $pwdcorrect=0;
                             if ($howpwd eq 'internal') {
         $pwdcorrect=
     (crypt($upass,$contentpwd) eq $contentpwd);
                             } elsif ($howpwd eq 'unix') {
                                 $contentpwd=(getpwnam($uname))[1];
                                 $pwdcorrect=
                                     (crypt($upass,$contentpwd) eq $contentpwd);
                             } elsif ($howpwd eq 'krb4') {
                                 $pwdcorrect=(
                                    Authen::Krb4::get_pw_in_tkt($uname,"",
                                           $contentpwd,'krbtgt',$contentpwd,1,
        $upass) == 0);
                             }
                             if ($pwdcorrect) {
                                print $client "authorized\n";
                             } else {
                                print $client "non_authorized\n";
                             }  
   </pre>
   </p>
   <hr />
   Making a LON-CAPA system work with shadow passwords (in five steps;
   assuming that the linux system is configured for shadow passwords)
   <pre>
   1. Get http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz
   
   2. cd mod_auth_external/pwauth
   
   3. alter the config.h file line to match the UID of www
   #define SERVER_UIDS 500         /* user "www" */
   
   4.
         If you have a /etc/pam.d directory, you need to create a file named
         "pwauth" inside it.  To authenticate out of the Unix Shadow file
         under Redhat 6.x, the /etc/pam.d/pwauth file should look something like
         this:
   
           auth       required     /lib/security/pam_pwdb.so shadow nullok
           auth       required     /lib/security/pam_nologin.so
           account    required     /lib/security/pam_pwdb.so
   
   
   5.  place pwauth in /usr/local/sbin/.  (chmod 6755 /usr/local/sbin/pwauth)
   
   </body>
   </html>
   

Removed from v.1.1  
changed lines
  Added in v.1.5


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>