Solved

user authorization via web

Posted on 2001-06-07
8
214 Views
Last Modified: 2010-08-05
HI,

I have some web pages that need to be protected and would like to use our company's system YP server(?) to authenticate their passwords. My company has both Unix and PCs with their own network. (But Let's just focus on Unix here) We have offices all over the world so I assume they all have different domains.
In such an environment, is it still possible to use the
Unix user authentication service? If so, how do I access it? Will I need help from our IT? or is there a way I could do it on my own?

Any help is greatly appreciated,
thanks,

JinJoo
0
Comment
Question by:jjlee081497
8 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6164890
I'm not aware of any standard/existing tools that do exactly this.
You could either roll your own, or coalesce all the NIS and/or NT
domain stuff into a single LDAP database and authenticate
against that.
0
 
LVL 38

Expert Comment

by:yuzh
ID: 6166414
Hi jjlee,

   If you are runing Solaris UNIX, try to use Sun WebServer administration package, this will enable you to do all the access control to you Website or a single directory, you can set login and password control for you Website.

   If you are using other version og UNIX, try Netscape HTTP server Administration package.

0
 
LVL 38

Expert Comment

by:yuzh
ID: 6166535
Hi jjlee,

   If you are run Apache for your web server, you can following the instruction in the following web page and try it out:

http://httpd.apache.org/docs/misc/FAQ.html#user-authentication

   Good luck!
 
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:jjlee081497
ID: 6168967
HI Yuzh,

I have a question though regarding the apache auth. service. I have read thru briefly and couldn't find the answer... if the user wanted to set his/her own password, is there a way for the person to do that? That's the key point for me - basically, I have people compaining that they don't want to remember another passwd beside their own system account passwd. So, if there is a way to let them set their own passwd without me knowing it, it would solve my problem.

Thanks!

JinJoo
0
 
LVL 38

Accepted Solution

by:
yuzh earned 150 total points
ID: 6170010
Hi jjlee,

   I use Sun WebServer on my site. I believe that it is not a good idea to let the user set their own password for the Web site.

   It is possible to let the user to set their own password, by create a admin account, and you have to give this login and password to the user to enable them to set their own passward, but this will cause some management problem later on.

  I suggest that you create some common account, eg, a login a ccount for sales, account department etc, and everyone accesss to the same dir tree use that same login and password, or you have to add all your user one by one to the access usr list, to enable them to use their own password.

  I am runing a university site, I use unit user as a login name, and everyone want to access to the unit use the same login name and password.

   For the user to maintain their own web page, they only need to use their unix account login name and password and use ftp or whatever package to do it. All you need to do is set the dir permissions to let the usr own the dir, make sure you set the group id as nobody, and set g+s to the dir.

   I hope this information can help.
0
 
LVL 5

Expert Comment

by:Nisus091197
ID: 6176682
I would be inclined to use a .htaccess file.  The file that you specify for that user authentitication will have to be updated via cron every 30 minutes say with the usernames and encrypted passwords of the users that you want to be granted access to the site.

Does this make sense to you?

Regards, Nisus
http://www.omnimodo.com
0
 

Expert Comment

by:jf18222
ID: 6187922
Do not expose YP to the internet, it has way too many security holes that are readily known, you are just asking to be hacked. You did not say what kind of web server is running on the Unix box. All of the Web servers people have mentioned have this feature built into them, but you are right in the fact that people will have another password to remember, but that is the price of opening up a site to the world. If you use a .htaccess file to provide security,  you could write a script to update the users password in the access file by using any descent password hacking program to turn the salted password from the password file for each user, into plain text and syncing that to the access file.
0
 

Author Comment

by:jjlee081497
ID: 6274132
Thank you everyone for your comments.
They were all helpful.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Using Grep to Find a file 8 99
Remote Change Dates on AIX Automation 7 69
spectrum scale snapshot  resotre/mount 1 12
lunix and unix command 21 86
In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question