From owner-freebsd-isp Fri Oct 1 20:32:26 1999 Delivered-To: freebsd-isp@freebsd.org Received: from cliff.i-plus.net (cliff.i-plus.net [209.100.20.42]) by hub.freebsd.org (Postfix) with ESMTP id 71C0014E47 for ; Fri, 1 Oct 1999 20:32:17 -0700 (PDT) (envelope-from st@i-plus.net) Received: from abyss ([209.100.25.1]) by cliff.i-plus.net (8.9.3/8.9.3) with SMTP id XAA63382; Fri, 1 Oct 1999 23:32:11 -0400 (EDT) From: "Troy Settle" To: "Robert Hough" Cc: Subject: RE: Database Authentication Date: Fri, 1 Oct 1999 23:31:58 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <19991001154148.A2067@sneakerz.org> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Interesting... I read the original message, then the replies from both Craig and Dave. Both made the assumption that Robert was talking about a web server. I took the original message as a desier to move user passwd entries from /etc/passwd to a database of some sort. This is entirely possible, and easily implemented through PAM. But, PAM is *ONLY* for authentication. It will not, AFAIK, return other information, such as the user's UID, GID, shell, home directory, etc... For authorization, you need something else. The ultimate solution, is to replace the getpw*() functions with your own variant. For that, you're on your own, but rest assured, it shouldn't be too difficult. Good luck, Troy PS: If you're successful, I believe that several folks would be highly interested in your modifications. Might want to announce when you're done ;) > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Dr. Dave > Sent: Friday, October 01, 1999 6:42 PM > To: Robert Hough > Cc: freebsd-isp@FreeBSD.ORG > Subject: Re: Database Authentication > > > On Fri, Oct 01, 1999 at 11:13:19AM -0500, Robert Hough wrote: > > We are looking to possibly switch to a database authentication > method, but > > the problem is, I cant seem to find any decent information on how to > > implement this. Does anyone here have something I could refer to, that > > would show the in and outs of making this work? > > Is your database on the web? You could use ssl for secure > database lookups. > As far as auth goes, most web servers support auth combines with ssl. > -- > -------------------------------------------------------------------------- > Dave McKay dave@sneakerz.org > > MSN Hotmail http://www.hotmail.com > -------------------------------------------------------------------------- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message