Date: Sun, 17 Aug 1997 21:40:33 -0400 From: Chris Shenton <chris@absinthe.i3inc.com> To: ulf@alameda.net Cc: isp@freebsd.org Subject: Re: Changing password via web ? Message-ID: <199708180140.VAA28188@absinthe.i3inc.com> In-Reply-To: Your message of "Sun, 17 Aug 1997 15:56:02 -0700 (PDT)" References: <199708172256.PAA23248@Gatekeeper.Alameda.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 17 Aug 1997 15:56:02 -0700 (PDT)
Ulf Zimmermann <ulf@Alameda.net> wrote:
ulf> Is anyone offering this to their customers ? (certainly via
ulf> secure server ;-) ) We have many web/ftp only customers and I
ulf> don't really want to explain them how to telnet, just to change
ulf> their password (as that also is not secure). So I am looking for
ulf> a way to let the people change the password via a web page.
ulf> Enter old password, twice new password.
ulf>
ulf> Any tips ? Anyone who is doing this ?
I'm doing this for a RADIUS server database I set-up at NASA/HQ. I
wrote a bunch of scripts to allow an non-tech to enter a name, lookup
in our X.500, find the unique username, instantiate RADIUS fields
(auto-generated password, expiration date, etc), confirm, then store
to a DBM file.
When the user wants to change their password, they go to a different
web form, enter username, old password, and new password twice.
A script runs nightly to send 14, 7, 3, and 0-day reminders that their
password is about to expire.
Folks -- admin and user -- seem to like it: it's easy to use.
It's all done on Stronghold's commercial Apache+SSL, on a 586 running
Solaris. We have a cert from Veri$ign. I wrote it in Perl.
I can send you the password changing code, or any of the rest of it if
wanted, but it's kinda specific to HQ's infrastructure -- it depends
heavily on X.500 directory user information. I also hacked Ascend's
RADIUS to use encrypted-in-DBM passwords, rather than clear-text. But
if you want to blow-off the HQ, X.500, and radius hacks and just use
the bits, feel free. The password stuff uses a bunch of Perl library
routines I wrote for the admin part, but it should be readable enough.
Let me know if you want it. Send to my work address,
<cshenton@wirehead.it.hq.nasa.gov>.
PS: the Perl isn't that great -- it was one of my first Perl programs
of any complexity. If I knew Perl5 I would have done a better
job. Actually, if I were to do it again, I'd force myself to learn
Java and do it that way. :-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708180140.VAA28188>