Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Apache module for OTP authentication with LinOTP
branch: master
Failed to load latest commit information.
AUTHORS
COPYING Initial release
ChangeLog Initial release
INSTALL Initial release
LICENSE Initial release
Makefile.am install both config and lib
NEWS
README added mandatory and optional parameters to readme
authn_linotp.load added module loading to mods-available
configure.ac Initial release
mod_authn_linotp.c resolved portability issue for apache 2.4

README

mod_authn_linotp - Apache module for authenticating with LinOTP
===============================================================

This apache module can be used to authenticate users against
LinOTP (http://linotp.org)

This auth module only works with basic authentication.
It uses a cookie to cache the authenticated user.
The authentication of the first request is done against the LinOTP server.
The consecutive requests are handled by the cookie.

Configuration parameters:
-------------------------

The module can only be configured in a directory context.



	LinOTPValidateURL
		mandatory
		Context:	Dir
		Format: 	https://server/validate/simplecheck
		Default:	-

	LinOTPRealm
		optional
		Context:	Dir
		The realm name, the user will be authenticated in.
		Format:		<string>
		Default:	-

	LinOTPResolver
		optional
		Context:	Dir
		The useridresolver, the user will be authenticated in.
		Format:		<string>
		 Default:	-

	LinOTPCookieSecret
		mandatory
		Context:	Dir
		A secret that is used to encrypt the cookie.
		Format:		<string>
		Default:	-

	LinOTPCookieName
		optional
		Context:	Dir
		The name of the cookie	
		Format:		<string>
		Default:	linotp_auth_module

	LinOTPSSLCertVerify
		optional
		Context:	Dir
		Whether the certificate of the LinOTP server should be verified
		Format:		On or Off
		Default:	Off

	LinOTPSSLHostVerify
		optional
		Context:	Dir
		Whether the hostname in the certificate of the LinOTP server should be verified
		Format:		On or Off
		Default:	Off

	LinOTPLogUser
		optional
		Context:	Dir
		Whether the username should appear in the log file
		Format:		On or Off
		Default:	On

	LinOTPLogPassword
		optional
		Context:	Dir
		Whether the password should appear in the log file
		Format:		On or Off
		Default:	Off
		
	LinOTPTimeout
		optional
		Context:	Dir
		maximum time (in seconds) for which a one-time password is valid
		Format:		a number
		Default:	600

Example:
========

        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all

                AuthType basic
                AuthName "LinOTP protected"
                AuthBasicProvider LinOTP
                Require valid-user
                LinOTPSSLCertVerify Off
                LinOTPSSLHostVerify Off
                LinOTPLogUser On
                LinOTPLogPassword On
                LinOTPCookieName myCookieName
                LinOTPValidateUrl https://localhost/validate/simplecheck
                LinOTPCookieSecret 098as0d9uasldj0a7sda
                LinOTPRealm Realm1
        </Directory>


Something went wrong with that request. Please try again.