mod_auth_tkt | Lightweight single-signon authentication module for Apache | Authentication library
kandi X-RAY | mod_auth_tkt Summary
See the INSTALL file for installation instructions.

mod_auth_tkt is a lightweight cookie-based authentication module for Apache, written in C. It implements a single-signon framework that works across multiple Apache instances and multiple machines. The actual authentication is done by a user-supplied CGI or script in whatever language you like (examples are provided in Perl), meaning you can authenticate against any kind of user repository you can access (password files, LDAP, databases, etc.).

mod_auth_tkt supports inactivity timeouts (including the ability to control how aggressively the ticket is refreshed), the ability to include arbitrary user data within the cookie, configurable cookie names and domains, and token-based access to subsections of a site.

mod_auth_tkt works by checking incoming Apache requests for a (user-defined) cookie containing a valid authentication ticket. The ticket is checked by generating an MD5 checksum for the username and any (optional) user data from the ticket together with the requesting IP address and a shared secret available to the server. If the generated MD5 checksum matches the ticket's checksum, the ticket is valid and the request is authorised. Requests without a valid ticket are redirected to a configurable URL which is expected to validate the user and generate a ticket for them.

This package includes a Perl module for generating the cookies; implementations for other environments should be relatively straightforward.
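The ticket check described above, sketched in Python as an added example; it is not mod_auth_tkt's code and does not reproduce its cookie format. The field layout, the timestamp used for the inactivity timeout, the sample secret and the names `make_ticket` and `check_ticket` are assumptions made for this illustration.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-shared-secret"  # sample value, constructed for this example
TIMEOUT = 2 * 60 * 60                  # inactivity timeout in seconds (assumed value)

def _digest(user, data, ip, ts, secret):
    # Assumed layout: NUL-separated fields followed by the shared secret.
    msg = b"\0".join([ip.encode(), str(ts).encode(), user.encode(), data.encode()])
    return hashlib.md5(msg + b"\0" + secret).hexdigest()

def make_ticket(user, data, ip, secret=SECRET, now=None):
    """Login-script side: issue a ticket bound to the client's IP address."""
    if not user or "!" in user or "\0" in user + data:
        raise ValueError("separator characters are not allowed in ticket fields")
    ts = int(time.time() if now is None else now)
    return "%s%08x%s!%s" % (_digest(user, data, ip, ts, secret), ts, user, data)

def check_ticket(ticket, ip, secret=SECRET, now=None):
    """Server side: return (user, data) for a valid ticket, otherwise None."""
    if len(ticket) < 40:
        return None
    digest, ts_hex, rest = ticket[:32], ticket[32:40], ticket[40:]
    try:
        ts = int(ts_hex, 16)
    except ValueError:
        return None
    user, sep, data = rest.partition("!")
    if not sep or not user:
        return None
    # Recompute the checksum from the ticket's own fields plus the IP address
    # of the current request, then compare in constant time.
    expected = _digest(user, data, ip, ts, secret)
    if not hmac.compare_digest(expected.encode(), digest.encode()):
        return None
    now = time.time() if now is None else now
    if now - ts > TIMEOUT:
        return None  # ticket is older than the inactivity timeout
    return user, data
```

A ticket replayed from another address, or one whose user data was edited in the cookie, fails the comparison because the recomputed checksum no longer matches.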
Community Discussions
Trending Discussions on mod_auth_tkt
QUESTION
I am trying to implement two factor authentication. The login will consist of 2 steps:
1. Username and password are provided and checked for correctness. If they are correct, and 2FA is not enabled for the account, the user is logged in (a cookie is set). If they are correct and 2FA is enabled, the user is redirected to a page where she has to enter her one-time password.
2. The user enters her one-time password and is logged in if it is correct.
When redirecting the user to the OTP page, I need to somehow remember that she already entered the correct password and username. What would be the best way to do that? Is it possible to send post data with a redirect, so that I can just send password and username again? Should I create an intermediate cookie that saves a secret (and also save that secret on the server, seems like a complicated way of doing it?).
I am using Flask and mod_auth_tkt (an Apache module for cookie-based authentication) if that makes any difference.
ANSWER
Answered 2019-Jun-17 at 16:03
"Should I create an intermediate cookie that saves a secret (and also save that secret on the server, seems like a complicated way of doing it?)."
I guess you could use Flask session for that, just remember to clear it if login/two factor authentication fails!
Documentation: http://flask.pocoo.org/docs/1.0/quickstart/#sessions
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported