<HTML>
<HEAD>
<TITLE>LON-CAPA Managing user passwords</TITLE>
</HEAD>
<BODY>
<H1>LON-CAPA Managing user passwords</H1>
<P>
Scott Harrison
</P>
<P>
Last updated: 02/10/2001
</P>
<P>
This file describes issues associated with managing user
passwords on a LON-CAPA system.
</P>
<H3>Latest HOWTO</H3>
<P>
There are three main topics when considering user passwords:
authentication, accessing the file system, and web-based access.
</P>
<P>
Authentication is covered in a separate document. I will briefly
mention that LON-CAPA supports different kinds of authentication
that can be customized for use within different institutional computing
environments. Authentication, whether it be related to web-based access,
or accessing the file system, is strictly the job of library servers,
not access servers.
</P>
<P>
Web-based access is initiated through a javascript encrypted protocol.
The server enables access to LON-CAPA from the client IP address until
the user logs out, or time expires without any action made by the user
on the web pages. Web-based access is something which is implemented
for the full range of users--from students to course administrators
to content developers. LON-CAPA relies upon the /home/httpd/lonUsers/
directories to store information about password authentication for
the users of a given system.
</P>
<P>
Something which is not implemented for the full range of users, but
which is reserved for content developers, is file system access.
LON-CAPA provides for a wide range of file system access including
SSH, Samba (Windows Network Neighborhood), Appleshares, an FTP.
Three files are involved with coordinating file system access:
/etc/group, /etc/smbpasswd, and /etc/passwd.
</P>
<P>
Correctly handling the contents of /home/httpd/lonUsers directories,
and the /etc/group, /etc/smbpasswd, and /etc/passwd files is of
critical importance to ensure uninterrupted access to the LON-CAPA
network.
</P>
<P>
This document will be developed further.
</P>
</BODY>
</HTML>
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>