100 likes | 205 Views
Jon Warbrick University of Cambridge Computing Service jon.warbrick@ucs.cam.ac.uk. Raven!. info.eagle.current.status (... or “where we've got to with Raven”). Remind me, what it is?. A centrally-managed, password-based authentication system for web-based services Consisting of
E N D
Jon WarbrickUniversity of Cambridge Computing Service jon.warbrick@ucs.cam.ac.uk Raven! info.eagle.current.status(... or “where we've got to with Raven”)
Remind me, what it is? • A centrally-managed, password-based authentication system for web-based services • Consisting of • Centrally-managed user ids and passwords • Central authentication server • 'Application Agents' (AAs) for web servers and web applications
Where we are today • User ids and passwords issued to everyone • Central server running • CS supported AAs for Apache 1 and 2 under Unix (Solaris, Linux, MacOSX); Perl CGI • Contributed AAs (of varying quality) for Tomcat, Ruby CGI, PHP
Who's using it? • www.cam extending 'cam-only' • The new @cam mail redirection service • CS for internal Wiki access • University Library, Computer Laboratory, Geography, Genetics, ... • Clare, Downing, Trinity Hall, Jesus, ... • Union Society, SRCF, ...
What you can do with it • A replacement for 'cam-only':AddModule mod_ucam_webauth.cAACookieKey "some random string"<Location "/protected_dir/">AuthType Ucam-WebAuthRequire valid-user</Location>
What you can do with it (2) • An extension of 'cam-only':AddModule mod_ucam_webauth.cAACookieKey "some random string"<Location "/protected_dir/">Order allow,deny Allow from .cam.ac.uk AuthType Ucam-WebAuth Require valid-userSatisfy any</Location>
What you can do with it (3) • Group accessAddModule mod_ucam_webauth.cAACookieKey "some random string"<Location "/protected_dir/"> AuthType Ucam-WebAuthAuthGroupFile web-groupsRequire group staff</Location>
Where next? • Apache module built for Windows and Novell? • Better AAs: Java/Tomcat, PHP, ...? • More AAs: IIS? ...? • Extension to non-University people? • Example 'Ravenization' of existing web applications? • Links with Kerberos, Athens, Shiboleth, ...?
For more information... • See http://www.cam.ac.uk/cs/raven/ • Mailing list at cs-raven-devel-request@lists.cam.ac.uk