[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Using SecurID for authentication



I'll admit I'm still a beginner regarding LDAP, so maybe I missed
something in your question.

If you want the OS to retrieve user info from a directory but
authenticate passwords from a SecureID server, couldn't you just
use the PAM modules already provided by RSA?

Take a look at "RSA Authentication Agent for Unix/Linux " at:
http://www.rsasecurity.com/node.asp?id=1177

Regards,

Alan

-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Josh
Sent: Mittwoch, 19. Januar 2005 16:51
To: openldap-software@OpenLDAP.org
Subject: Using SecurID for authentication


Has anyone hacked up openldap to authenticate against an ACE SecurID server
rather than using the normal password mechanisms?  My plan was to implement
it much like contrib/slapd-modules/passd/kerberos.c, but if the work has
already been done elsewhere, I'll gladly save myself the effort.

Another question:  is this the right way to go about it?  I have a feeling
it is, however there is a lot of talk about overlays these days.  The page
at Symas (http://www.symas.com/techtips/introtooverlays.html) implies that
overlays are mainly for modifying the way the backends work.

thanks,

-jkl