On Thu, Apr 2, 2009 at 12:12 PM, ml@xxxxxxxxx <ml@xxxxxxxxx> wrote: > Now we would like to add an Authentification, so that only Users who pass > the Reverse Proxy auth, will get to the Web-App login. This can be done by > some htacces and static passwords. The disatvantage is, that this are static > passwords and they could be stored by keyloggers. So we need some kind of > one time passwords (OTP). > > Is there a way to add some random "salt" to the http authentification? If you have mod_perl you can use one of many mod_perl authentication modules. One example is: http://search.cpan.org/~tobeya/Apache2-AuthenSecurID-0.5/Auth/Auth.pm Which can use a SecurID server... Krist -- krist.vanbesien@xxxxxxxxx krist@xxxxxxxxxxxxx Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx