On Mon, May 12, 2008 at 12:44 PM, Travis Sidelinger <travis@xxxxxxxxxxxxxx> wrote: > Any know an easy method to provide 2-factor authentication in Apache? > > I'd like to require both a group name+password and a user name+password. > (or simply just two user accounts) > > I think this could be implemented via mod_proxy, or by writing a CGI > program to handle all the authentication. Thou, I'm curious if others have > done this. > > -Travis Travis: My recommendation is to use radius via mod_auth_xradius or similar. In general, using radius for authentication (which is what is designed for) will better in the long run. You can then use a radius server in the middle that proxies credentials to your two-factor authentication server. Or you can send the credentials straight from Apache to the 2FA server. We have documentation on the latter here: http://www.wikidsystems.com/documentation/howtos/two-factor-authentication-for-apache-2-2-or-higher I'm a bit confused by the question though. Do you want two-factor? Knowledge of a group name and password and knowlegde of a username and password is not two-factors. It is just more of one factor. Two-factor would be knowledge of something and possession of something such as a certificate, software token, hardware token, etc. HTH, Nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|