Re: Looking for authentication ideas

[Matt Weisberg <matt@xxxxxxxxxxxx>]

You might want to take a look at the open source Password Management  
servlets (PWM), http://developer.novell.com/wiki/index.php/Pwm

It was originally written as a password self-service system for Novell  
eDirectory, but it has a New User registration system and it now works  
against AD as well.

I've typically used it in Identity Management setups, but I have a  
customer using Squid with LDAP auth against Novell eDirectory and PWM  
for password self-service.  It works quite well.  There is a demo site  
here:  http://pwmdemo.weisberg.net/pwm/

It is written in Java and runs nicely under Tomcat.

Novell is shutting down their forge site, so the application will be  
moving to Google's developer site soon (new name coming too since pwm  
is taken).

Also, eDirectory might not be a bad auth source as Novell offers a  
free 250,000 object license for eDirectory: http://www.novell.com/products/edirectory/customer_license.htm

Matt

On Oct 21, 2009, at 7:21 PM, skinnyzaz wrote:

> Yes i realize that but it would be an internal site. Or I was also  
> trying to
> figure out a way to have someone create a request then I authroize  
> it some
> how. I was using AD for my squid authorization but i was having  
> trouble
> creating the AD accounts password field via LDAP.....
>
>
> Amos Jeffries-2 wrote:
> > On Wed, 21 Oct 2009 14:24:30 -0700 (PDT), skinnyzaz
> > <bradzazulak@xxxxxxxxx>
> > wrote:
> > > First I will let you know what I am trying to do. I am looking for  
> > > some
> > way
> > > to have users create there own user names and passwords from a  
> > > website
> > of
> > > some sort. And then have squid authenticate from the accounts  
> > > created
> > from
> > > the website. I have been looking for a couple months but am  
> > > starting to
> > run
> > > out of ideas. Does anyone have any idea of how this is possible?
> >
> > Your idea collapses into a simple case of: popup the auth login and  
> > accept
> > anything that is entered.
> >
> > Squid bundles with fake authenticators for testing that does  
> > exactly that.
> > For the older versions there is
> > http://wiki.squid-cache.org/ConfigExamples/Authenticate/LoggingOnly
> >
> >
> > You seem to be stuck in the idea that having a auth popup alone makes
> > things secure. The entire purpose of an authentication is to  
> > control who
> > gets access. Allowing random people to add themselves anonymously  
> > is not a
> > good idea.
> >
> > Amos
>
> --
> View this message in context: http://www.nabble.com/Looking-for-authentication-ideas-tp26000513p26001776.html
> Sent from the Squid - Users mailing list archive at Nabble.com.