On Mon, May 11, 2009 at 1:01 PM, Ross Boylan <ross@xxxxxxxxxxxxxxxx> wrote: > On Mon, 2009-05-11 at 11:21 -0400, Nick Owen wrote: >> On Sat, May 9, 2009 at 12:34 PM, Ross Boylan <ross@xxxxxxxxxxxxxxxx> wrote: >> > Suppose I have apache running in front of a web application and >> > subversion. >> > >> > I am thinking of a scenario in which the web application provides a >> > login page. However, the user may also browse to web pages served by >> > subversion. >> > >> > Is there a way that my app can have someone log in and then pass the >> > identity and authentication "up" to appache? In particular, I'd want >> > this authentication used if the user browsed over to the subversion >> > repository. >> > >> > I'm assume a common source, e.g., LDAP, will provide user and password >> > information that is the same for my app and apache. >> > >> > A final wrinkle is that the application itself may access subversion via >> > http:// (https?) using either the identity of the user or, perhaps, a >> > separate identity the application runs under. >> >> Have you investigated single sign-on solutions such as CAS and OpenSSO? > > No. That's certainly relevant, since the university is moving toward > single sign on. I'm not sure of the exact technology, but I believe > it's from IBM. However, how do I make Apache aware of the single sign > on? > > We're probably going to need an alternative before the single sign on is > working. There are also a significant usability issues with the current > single signon system (for those few areas its active). Try mod-cas: http://mod-cas.sourceforge.net/.. haven't tested it myself, but I have played with CAS and it's radius interface -- -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|