httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Neil A. Hillard" <>
Subject Re: [users@httpd] xradius and otp
Date Thu, 20 Sep 2007 11:34:50 GMT

Cornelius K├Âlbel wrote:
> I am trying to use mod_auth_xradius with ubuntu 7.04, apache 2.2
> I compiled and installed/configured it successfully. Thanks to an earlier questions.
> But I'd like to use one time passwords.
> The first time I access my website http://secret-site3 the authentication works fine.
> But when i click on another link on this page, i time out and some times I get a second
auth request.
> My vhost config looks like this:
> --snip--
> LoadModule auth_xradius_module /usr/lib/apache2/modules/
> ## If you do not want Authentication Caching, set:
> #AuthXRadiusCache none -
> AuthXRadiusCache dbm "/usr/lib/apache2/auth_xradius_cache"
> # 1h Timeout.
> AuthXRadiusCacheTimeout 3600


> Is it right that the basic authentication sends the credentials again, when going to
another link?
> Then of course the OTP would not be valid anymore.
> I think the module needs to remember, that the user was authenticated. I think mod_auth_radius
of freeradius used to use session cookies, but this module won't run with apache 2.2.
> How could it be done using mod_auth_xradius?

The purpose of the cache is to store the username / password pairs so
they can be validated without hitting the RADIUS server (which would
fail).  You appear to have configured the cache but it doesn't appear to
be working.

I can confirm that we are using it in this exact situation (in fact Paul
wrote it for us!) and we don't have any problems.

We actually use memcache:

AuthXRadiusCache memcache ""

but it may be something to do with your permissions on:


Does the user Apache is running as have permission to access/create the



Neil Hillard          

Disclaimer: This message does not necessarily reflect the
            views of Westland Helicopters Ltd.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message