[users@httpd] Adding a proprietary 2-step authentication method that only does the 2nd step

[Andy Gutman <an...@gmail.com>]

I want to add a proprietary 2-factor authentication method to an Apache Web
Server that only does the 2nd step. The first challenge (username &
password) is handled by whatever mechanism exists & is configured for that
user or directory (e.g., basic, digest)

I have built a module that handles both challenges - username/password
followed by my proprietary way-, however, I cannot find a way to split
these into independent modules such that the core calls the first
configured authentication and if the user is successfully authenticated, is
followed by the server calling my second proprietary mechanism.

Is this possible?

Re: [users@httpd] Adding a proprietary 2-step authentication method that only does the 2nd step

[Mauricio Tavares <ra...@gmail.com>]

On Wed, Oct 23, 2019 at 11:54 AM Andy Gutman <an...@gmail.com> wrote:
>
> I want to add a proprietary 2-factor authentication method to an Apache Web Server that only does the 2nd step. The first challenge (username & password) is handled by whatever mechanism exists & is configured for that user or directory (e.g., basic, digest)
>
> I have built a module that handles both challenges - username/password followed by my proprietary way-, however, I cannot find a way to split these into independent modules such that the core calls the first configured authentication and if the user is successfully authenticated, is followed by the server calling my second proprietary mechanism.
>
> Is this possible?

I do not know if this will help you but it sure reminds me of how pam
modules are done in Linux.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org