You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Neil A. Hillard" <hi...@whl.co.uk> on 2005/03/09 11:34:03 UTC
[users@httpd] RADIUS authentication with acceleration...
Hi,
I'm currently using Apache 2.0.53 as an accelerator, performing
rewriting (both URL and HTML) (thanks to Nick Kew !!!) which is working
perfectly.
I need to secure this with RADIUS authentication. I've tried using
mod_auth_radius but for some reason, mod_auth_radius doesn't appear to
be setting the required cookie.
The authentication request is accepted by the RADIUS server and the web
page returned. The browser then requests the images and stylesheets and
I can see the basic authentication being sent but no cookie.
mod_auth_radius then requeries the RADIUS and because it's a one-time
password the request is denied :-(
Is anyone else using mod_auth_radius on an accelerator with one-time
passwords ??? I'd be interested to know if anyone has managed to get
this to work !!!
I believe the relevant details from httpd.conf are:
AddRadiusAuth a.b.c.d:1645 xxxxxx 5:3
AddRadiusCookieValid 60
<Location />
AuthType Basic
AuthName "External Access"
AuthAuthoritative Off
AuthRadiusAuthoritative On
AuthRadiusActive On
require valid-user
</Location>
At present we're fronting Apache with Squid and RADIUS authentication.
This overcomplicates matters and introduces another problem. I'd like
to simplify things and reduce it to just Apache.
Does anyone know if (assuming I can get mod_auth_radius to work
successfully) whether this can be combined with group access ???
If anyone can suggest an alternate auth module then I'll take a look at
that, too.
Many thanks in advance,
Neil.
--
Neil Hillard hillardn@whl.co.uk
Westland Helicopters Ltd. http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
views of Westland Helicopters Ltd.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org