BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

apache authentication via nis

Subject: apache authentication via nis
From: john.abreau at zuken.com (John Abreau)
Date: Thu, 17 Aug 2006 17:23:43 -0400
In-reply-to: <44E4DA10.2010703@stephenadler.com>
References: <44E4C5B2.10508@stephenadler.com> <c8ec85e70608171249s2fa60c86vf3ddb2e8296b3a9c@mail.gmail.com> <44E4DA10.2010703@stephenadler.com>

Stephen Adler wrote:
> Thanks Andrew, from what I can tell mod_auth_pam is not an official 
> apache module,
> but a 3rd party one. am I correct about that? There also seems to be an 
> perl one out there
> as well. I'm wondering how secure these 3rd party modules are...
> 

mod_auth_pam uses the same authentication as your shell account. That 
means when you use it in an unencrypted HTTP session, you're sending
your password in clear text.

If you limit use of mod_auth_pam to SSL-encrypted sessions, you
eliminate this problem.

-- 
John Abreau
IT Manager
Zuken USA
238 Littleton Rd., Suite 100
Westford, MA 01886
T: 978-392-1777            F: 978-692-4725
M: 978-764-8934
E: John.Abreau at zuken.com  W: www.zuken.com

Follow-Ups:
- apache authentication via nis
  - From: adler at stephenadler.com (Stephen Adler)

References:
- apache authentication via nis
  - From: adler at stephenadler.com (Stephen Adler)
- apache authentication via nis
  - From: a.medico at gmail.com (Andrew Medico)
- apache authentication via nis
  - From: adler at stephenadler.com (Stephen Adler)

Prev by Date: apache authentication via nis
Next by Date: apache authentication via nis
Previous by thread: apache authentication via nis
Next by thread: apache authentication via nis
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org