Solved

user authorization via web

Posted on 2001-06-07
8
211 Views
Last Modified: 2010-08-05
HI,

I have some web pages that need to be protected and would like to use our company's system YP server(?) to authenticate their passwords. My company has both Unix and PCs with their own network. (But Let's just focus on Unix here) We have offices all over the world so I assume they all have different domains.
In such an environment, is it still possible to use the
Unix user authentication service? If so, how do I access it? Will I need help from our IT? or is there a way I could do it on my own?

Any help is greatly appreciated,
thanks,

JinJoo
0
Comment
Question by:jjlee081497
8 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6164890
I'm not aware of any standard/existing tools that do exactly this.
You could either roll your own, or coalesce all the NIS and/or NT
domain stuff into a single LDAP database and authenticate
against that.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 6166414
Hi jjlee,

   If you are runing Solaris UNIX, try to use Sun WebServer administration package, this will enable you to do all the access control to you Website or a single directory, you can set login and password control for you Website.

   If you are using other version og UNIX, try Netscape HTTP server Administration package.

0
 
LVL 38

Expert Comment

by:yuzh
ID: 6166535
Hi jjlee,

   If you are run Apache for your web server, you can following the instruction in the following web page and try it out:

http://httpd.apache.org/docs/misc/FAQ.html#user-authentication

   Good luck!
 
0
 

Author Comment

by:jjlee081497
ID: 6168967
HI Yuzh,

I have a question though regarding the apache auth. service. I have read thru briefly and couldn't find the answer... if the user wanted to set his/her own password, is there a way for the person to do that? That's the key point for me - basically, I have people compaining that they don't want to remember another passwd beside their own system account passwd. So, if there is a way to let them set their own passwd without me knowing it, it would solve my problem.

Thanks!

JinJoo
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 38

Accepted Solution

by:
yuzh earned 150 total points
ID: 6170010
Hi jjlee,

   I use Sun WebServer on my site. I believe that it is not a good idea to let the user set their own password for the Web site.

   It is possible to let the user to set their own password, by create a admin account, and you have to give this login and password to the user to enable them to set their own passward, but this will cause some management problem later on.

  I suggest that you create some common account, eg, a login a ccount for sales, account department etc, and everyone accesss to the same dir tree use that same login and password, or you have to add all your user one by one to the access usr list, to enable them to use their own password.

  I am runing a university site, I use unit user as a login name, and everyone want to access to the unit use the same login name and password.

   For the user to maintain their own web page, they only need to use their unix account login name and password and use ftp or whatever package to do it. All you need to do is set the dir permissions to let the usr own the dir, make sure you set the group id as nobody, and set g+s to the dir.

   I hope this information can help.
0
 
LVL 5

Expert Comment

by:Nisus091197
ID: 6176682
I would be inclined to use a .htaccess file.  The file that you specify for that user authentitication will have to be updated via cron every 30 minutes say with the usernames and encrypted passwords of the users that you want to be granted access to the site.

Does this make sense to you?

Regards, Nisus
http://www.omnimodo.com
0
 

Expert Comment

by:jf18222
ID: 6187922
Do not expose YP to the internet, it has way too many security holes that are readily known, you are just asking to be hacked. You did not say what kind of web server is running on the Unix box. All of the Web servers people have mentioned have this feature built into them, but you are right in the fact that people will have another password to remember, but that is the price of opening up a site to the world. If you use a .htaccess file to provide security,  you could write a script to update the users password in the access file by using any descent password hacking program to turn the salted password from the password file for each user, into plain text and syncing that to the access file.
0
 

Author Comment

by:jjlee081497
ID: 6274132
Thank you everyone for your comments.
They were all helpful.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now