[Melbourne-pm] Authentication ?

Stephen Steneker stephen at sydney.pm.org
Mon Mar 30 02:53:50 PDT 2009

> If you wanted to do authentication on apache with the following  
> basic features:
> * (optional) Ability to register your own account with email token  
> validation
> * (optional) ability to use 3rd party accounts (ala OpenID)
> * Password recovery via email token
> * Apache Module for login & access control
> It seems that most open source code does authentication &  
> registration internally.
> So I am collecting what people would use that is independent of  
> framework or product - but can depend on Apache?

Hi Scott,

I'd suggest mod_auth_tkt :

"mod_auth_tkt hands off the authentication and authorisation problem  
to the URL of your choice. This means that you can use whatever  
technology (CGI, Perl, PHP, ASP, Java etc.) and whatever repositories  
(passwd files, LDAP, NIS, RDBMS, radius, or any combination thereof)  
you like - as long as the authorising page or script generates a valid  
ticket for a valid user everything should work just fine."


More information about the Melbourne-pm mailing list