Apache module for OTP authentication with LinOTP
C
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
.gitreview
AUTHORS
COPYING
ChangeLog
INSTALL
LICENSE Initial release May 5, 2012
Makefile.am
NEWS
README
authn_linotp.load
configure.ac
mod_authn_linotp.c

README

mod_authn_linotp - Apache module for authenticating with LinOTP
===============================================================

This apache module can be used to authenticate users against
LinOTP (http://linotp.org)

This auth module only works with basic authentication.
It uses a cookie to cache the authenticated user.
The authentication of the first request is done against the LinOTP server.
The consecutive requests are handled by the cookie.

Configuration parameters:
-------------------------

The module can only be configured in a directory context.



	LinOTPValidateURL
		mandatory
		Context:	Dir
		Format: 	https://server/validate/simplecheck
		Default:	-

	LinOTPRealm
		optional
		Context:	Dir
		The realm name, the user will be authenticated in.
		Format:		<string>
		Default:	-

	LinOTPResolver
		optional
		Context:	Dir
		The useridresolver, the user will be authenticated in.
		Format:		<string>
		 Default:	-

	LinOTPCookieSecret
		mandatory
		Context:	Dir
		A secret that is used to encrypt the cookie.
		Format:		<string>
		Default:	-

	LinOTPCookieName
		optional
		Context:	Dir
		The name of the cookie	
		Format:		<string>
		Default:	linotp_auth_module

	LinOTPSSLCertVerify
		optional
		Context:	Dir
		Whether the certificate of the LinOTP server should be verified
		Format:		On or Off
		Default:	Off

	LinOTPSSLHostVerify
		optional
		Context:	Dir
		Whether the hostname in the certificate of the LinOTP server should be verified
		Format:		On or Off
		Default:	Off

	LinOTPLogUser
		optional
		Context:	Dir
		Whether the username should appear in the log file
		Format:		On or Off
		Default:	On

	LinOTPLogPassword
		optional
		Context:	Dir
		Whether the password should appear in the log file
		Format:		On or Off
		Default:	Off
		
	LinOTPTimeout
		optional
		Context:	Dir
		maximum time (in seconds) for which a one-time password is valid
		Format:		a number
		Default:	600

Example:
========

        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all

                AuthType basic
                AuthName "LinOTP protected"
                AuthBasicProvider LinOTP
                Require valid-user
                LinOTPSSLCertVerify Off
                LinOTPSSLHostVerify Off
                LinOTPLogUser On
                LinOTPLogPassword On
                LinOTPCookieName myCookieName
                LinOTPValidateUrl https://localhost/validate/simplecheck
                LinOTPCookieSecret 098as0d9uasldj0a7sda
                LinOTPRealm Realm1
        </Directory>