httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Satya Prakash Prasad <satyaprakash.pra...@gmail.com>
Subject Re: [users@httpd] WAMP SSO
Date Tue, 11 Sep 2012 11:52:48 GMT
Thanks for the details. I am sorry but I am Unix guy and have not much
expertise on Windows platform.

I googled and found that mod_auth_tkt is provided as a UNIX tarball -
nothing windows specific.

Please let me know how I can migrate / install it on windows?

Regards,
Prakash

On Tue, Sep 11, 2012 at 1:28 PM, linuxsupport <lin.support@gmail.com> wrote:
> try mod_auth_tkt
>
>
> On Tue, Sep 11, 2012 at 11:46 AM, Satya Prakash Prasad
> <satyaprakash.prasad@gmail.com> wrote:
>>
>> Thanks to all for the information and details as provided.
>>
>> I would try to explore the various options provided in the discussion.
>> Kindly note that I need to implement it on WAMP as mentioned earlier
>> (Windows, Apache, MySQL and PHP).
>>
>> The one option I may request upon is that does Apache itself does not
>> provide modules / mechanism to implement SSO?
>>
>> Thanks in advance.
>>
>> Regards,
>> Prakash
>>
>>
>> On Mon, Sep 10, 2012 at 8:32 PM, Mark Montague <mark@catseye.org> wrote:
>> > On September 10, 2012 10:03 , Nick Kew <nick@webthing.com> wrote:
>> >>>>
>> >>>> I need to implement SSO (Single Sign On) for a tool to be launched
>> >>>> for
>> >>>> people of our organization only.
>> >>>
>> >>> For true SSO solutions, look at
>> >>
>> >> Any strong reason to prefer those to worldwide initiatives
>> >> such as OpenID/OpenAuth?
>> >
>> >
>> > Mostly because I didn't think of them :)   But, now that you've asked:
>> >
>> > My understanding is that most of the following features offered by
>> > cosign/PubCookie/CAS are not offered by OpenID/OpenAuth:
>> >     * Centralized Single Log Out.
>> >     * Per-site forced reauthentication (e.g., when user's IP address
>> > changes, or when they access a particularly sensitive resource)
>> >     * Per-site multi-factor authentication (including hardware tokens,
>> > X.509
>> > client certificates, etc.)
>> >     * Idle time outs (require reauthentication after, say, 2 hours of no
>> > pages being requested).
>> >     * Hard time outs (require reauthentication, say, every 24 hours or
>> > every
>> > week, regardless of activity)
>> >     * Credential proxying to back-end services (other web servers, IMAP,
>> > LDAP, databases, etc.)
>> >
>> > Regardless of the above, OpenID/OpenAuth may be a fine choice for the
>> > original poster, depending on his requirements, particularly if he sets
>> > up
>> > his own OpenID provider rather than using an external provider such as
>> > Google or Yahoo.
>> >
>> > --
>> >   Mark Montague
>> >   mark@catseye.org
>> >
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> > For additional commands, e-mail: users-help@httpd.apache.org
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message