[Modules] xradius with OTP
Cornelius Kölbel
cornelius.koelbel at lsexperts.de
Thu Sep 20 06:07:01 EDT 2007
Dear list,
I am trying to use mod_auth_xradius with ubuntu 7.04, apache 2.2
I compiled and installed it successfully.
But I'd like to use one time passwords.
The first time I access my website http://secret-site3 the authentication works fine.
But when i click on another link on this page, i time out and some times I get a second auth request.
My vhost config looks like this:
--snip--
LoadModule auth_xradius_module /usr/lib/apache2/modules/mod_auth_xradius.so
## If you do not want Authentication Caching, set:
#AuthXRadiusCache none -
AuthXRadiusCache dbm "/usr/lib/apache2/auth_xradius_cache"
# 1h Timeout.
AuthXRadiusCacheTimeout 3600
<VirtualHost *>
ServerName secret-site3
ServerAdmin webmaster at localhost
DocumentRoot /var/www/site3
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/site3/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
AuthType Basic
AuthBasicProvider xradius
AuthName "Please enter your username and WiKID one-time passcode for entry to this site."
AuthXRadiusAddServer "localhost:1812" "testing123"
AuthXRadiusTimeout 7
AuthXRadiusRetries 2
# AuthUserFile /etc/apache2/passwd
require valid-user
# This directive allows us to have apache2's default start page
# in /apache2-default/, but still have / go to the right place
#RedirectMatch ^/$ /apache2-default/
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug
CustomLog /var/log/apache2/access.log combined
ServerSignature On
</VirtualHost>
--snip--
I think the module needs to remember, that the user was authenticated. How is this done and how is it configured correctly?
Thanks a lot and kind regards
Cornelius
More information about the Modules
mailing list