How to let a web application use the user credential of /etc/passwd for authentication purpose?

Balbir Singh
Balbir Singh used Ask the Experts™
on
Basically, I want same a user to use same id and password to login to web based and ssh login both. I am wondering if there is a better way to do it. What is industry standard to solve a situation when a user can use same credential to login via ssh and web.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Fractional CTO
Distinguished Expert 2018
Commented:
If I were going to so this, I'd write some code which ran when setting up a user to add the same user to /etc/passwd + also a file like /etc/apache2/passwd, then use each file for ssh + Apache basic authentication.

As both files have a different format/permissions, so best to just write code to keep them in sync.

Also be sure any password changing code does the same syncing.

When you mention "Web based", you'll still have to write much additional code, as there's no real "Web interface" to the filesystem.

Likely best to just use ssh/sftp, which both can share /etc/passwd, then use setfacl to allow Apache to serve the files. Best to keep all file management out of Apache, as code like WebDAV will do this + is very slow compared with ssh + sftp.
Scott FellDeveloper & EE Moderator
Fellow 2018
Most Valuable Expert 2013
I would advise against this. Keep your log in for your web app separate from getting into the server. If anything, try using social log in.

Check out https://www.oauthlogin.com/ or https://hybridauth.github.io/. There are plenty of others too. There is also plenty of code out there for creating a log in system of your own including forgot password or forcing some type of authenticator or verification through sms or email.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial