Re: user password expiration?

From: Henrik Nordstrom <[email protected]>
Date: Mon, 10 Jan 2000 17:46:59 +0100

Flor,Riklef wrote:

> Does anyone know of a Squid module that allows you to expire
> authentication passwords using the ncsa_auth method?

???

nsca_auth is a Squid module for Basic HTTP-proxy authentication with
plaintext usernames+passwords. It is also a format for password files
where the password is stored encrypted using standard unix crypt(). The
"standard" NCSA password file format does not include password aging or
expiration information and thus the ncsa_auth Squid module knows nothing
of such. You can however easily extend the file format to include this
if you need to.

There exists other Squid modules using other password databases, some of
which includes password aging or expiration.

> as password expiration every 90 days. We are planning to use
> NIS+ to synchronize the passwd files, but the expiration
> piece has me stumped.

If you distribute the passwords using NIS+ as standard account names,
then you'd probably want to use a derivate of the getpwnam_auth module
extended to support password aging/expiration or my PAM module. Both are
included in the Squid-2.3.STABLE1 release (no, the getpwnam_auth module
as distributed does not know about password aging/expiration).

--
Henrik Nordstrom
Squid hacker
Received on Mon Jan 10 2000 - 16:26:09 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:18 MST