On Thu, Apr 2, 2009 at 2:30 PM, Krist van Besien <krist.vanbesien@xxxxxxxxx> wrote: > On Thu, Apr 2, 2009 at 12:12 PM, ml@xxxxxxxxx <ml@xxxxxxxxx> wrote: > >> Now we would like to add an Authentification, so that only Users who pass >> the Reverse Proxy auth, will get to the Web-App login. This can be done by >> some htacces and static passwords. The disatvantage is, that this are static >> passwords and they could be stored by keyloggers. So we need some kind of >> one time passwords (OTP). >> >> Is there a way to add some random "salt" to the http authentification? > > If you have mod_perl you can use one of many mod_perl authentication > modules. One example is: > > http://search.cpan.org/~tobeya/Apache2-AuthenSecurID-0.5/Auth/Auth.pm > > Which can use a SecurID server... Ofcourse that wouldn't be cheap. Another alternative is to mod_auth_external http://unixpapa.com/mod_auth_external.html With this module you can basically use anything for authentication. You could for example use S/Key one time passwords with this. Krist -- krist.vanbesien@xxxxxxxxx krist@xxxxxxxxxxxxx Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|