[unisog] Centralized auth for web servers

James J. Barlow jbarlow at ncsa.uiuc.edu
Mon Jul 24 19:39:45 GMT 2006

Was wondering if anyone else has any experience in a centralized web
authentication application?  We seem to have more and more servers 
being set up at our site that accept Kerberos passwords (which authenticate
against our centralized Kerberos servers), and it's making me a bit
nervous.  I'm worried about one of those servers getting compromised
and then a miscreant could snag lots of people's Kerberos passwords.
I'd like a solution where the different web servers could use one server
for authentication (which would then be centrally managed), and then
use that authentication token/cookie, or whatever, for access to their pages.

We have looked at Bluestem (https://www-s.uiuc.edu/bluestem/notes/overview.html)
and was wondering what other sites may be using.  TIA.

James J. Barlow   <jbarlow at ncsa.uiuc.edu>
Head of Security Operations and Incident Response
National Center for Supercomputing Applications    Voice : (217)244-6403
1205 West Clark Street, Urbana, IL  61801           Cell : (217)840-0601
http://www.ncsa.uiuc.edu/~jbarlow                    Fax : (217)244-1987
