Generally, I dislike system level authentication. For email, I use Vpopmail (www.inter7.com) which allows me to completely sandbox the email system. Vpopmail supports many different types of authentication. I use Courier-Imap (same URL) and it supports basically the same auth methods as Vpopmail.
TWIG (twig.screwdriver.net) works well with my Vpop setup because it has virual domain support built in.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The original purpose of this package was to give users of a particular system access to their account through a web interface. Using system authentication just cut off a step between web account and system account synchronization.
That being said, at some point, I would like to explore other options of authentication. This would include database, LDAP, Kerberos, PAM, or anything else that may come down the pipe.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I prefer database authentication myself, using the md5 hash. Not only does this store the information in a much more preferred and secured method, it also allows the administrator implement database level grouping, which allows stuff like specific system-level access on a per-user or user-type basis. ... ... ... One question I had was if there was thoughts of porting this to mysql?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Currently, CliServ only relies on system accounts for authentication (it make future modules like e-mail and file sharing a little easier).
Should alternate authentication methods be supported like database-only? Thoughts and opinions would be appreciated.
Generally, I dislike system level authentication. For email, I use Vpopmail (www.inter7.com) which allows me to completely sandbox the email system. Vpopmail supports many different types of authentication. I use Courier-Imap (same URL) and it supports basically the same auth methods as Vpopmail.
TWIG (twig.screwdriver.net) works well with my Vpop setup because it has virual domain support built in.
The original purpose of this package was to give users of a particular system access to their account through a web interface. Using system authentication just cut off a step between web account and system account synchronization.
That being said, at some point, I would like to explore other options of authentication. This would include database, LDAP, Kerberos, PAM, or anything else that may come down the pipe.
I prefer database authentication myself, using the md5 hash. Not only does this store the information in a much more preferred and secured method, it also allows the administrator implement database level grouping, which allows stuff like specific system-level access on a per-user or user-type basis. ... ... ... One question I had was if there was thoughts of porting this to mysql?