Re: Linux/Windows Authentication?

From: Phil Wallisch (philip.wallisch@neustar.biz)
Date: Fri Feb 27 2004 - 13:58:00 EST


Try a product called Siteminder by Netegrity. Most of the
implementations I've seen used username/passwd to generate a cookie in
the client's browser. I did see that you could use X.509 certs though.

I will say I don't understand your reasons for no passwords.

On Thu, 2004-02-26 at 10:40, MARTIN M. BĂ©noni wrote:
> Hi list!
>
> I am looking forward to know if there is a way to meet this following
> requirement:
>
> We are setting up an Intranet. On it, each department will be allowed to =
> access a part of the server, for example HR Department will be allowed = to
> access just http://intranet/HR, Financial Department will just be = allowed
> to access to http://intranet/Finance, and so on. As they are = no-IT people,
> we would be looking for a transparent way to authenticate = them and to
> block someone from one department to access a file from = another
> department. User/password may be tough to set up as they will = have to
> remember them and we will have to check if they are not using = weak
> passwords. A PKI/Kerberos/... -based solution would be long to set = up as
> well. I was thinking about some key-based authentication, as it = can
> usually be done with ssh. But looking around the Internet for some =
> information, no way to find out some clues... Moreover, all the clients =
> will be Windows 2000/XP, and our Intranet runs under Linux (Redhat 9.0). =
> Some ideas? :-)
>
> Authentication based on IP addressees would be the easiest solution I = have
> been thinking about, but remains to know if I can tell my Linux box = to
> allow a given bunch of IP addresses to access just a given = directory...
>
> And of course, thanks in advance for the replies!
>
> Bnoni-
>
> _________________________________________________________________
> Tired of spam? Get advanced junk mail protection with MSN 8.
> http://join.msn.com/?page=features/junkmail
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:49 EDT