HOBA - No Passwords at all! Code
HTTP Origin Bound Authentication (HOBA)
Status: Alpha
Brought to you by:
stephen_farrell
Menu
▾
▴
Tree [caec3a] master / History
Stephen Farrell
Read Me
#
# HOBA - No Password HTTP Authentication
#
# Yes, this is the README file:-)
#
# Copyright (C) 2013,2014 Tolerant Networks Limited
#
# Stephen Farrell, <stephen@tolerantnetworks.com>
#
# This program is free software, distributed under the terms of
# the GNU General Public License
#
The following files/directories are here:
LICENSE - Says that we're using dual-license: GPL or
one you buy from us
COPYING - The GPL
TODO - guess?
README - this file
Makefile - top level Makefile, for code and doxygen
bash - some scripts for stuff, uses ../lib/hoba-cli
for register/login
lib - C++ code emulating what an HTTP client might do;
early proof-of-concept code, but works
php - PHP scripts for an Apache server to do the server
side of HOBA, these need redis and predis
phpmgmt - PHP scripts for managing the DB
js - Javascript for in browser HOBA code
doc - typical doxygen stuff, check out doc/latex/refman.pdf
(first run make, if need be)
www - files and scripts for populating a HOBA web site
(see www/doinst for install stuff)
wp - wordpress plugin
chrome - the beginnings of a chrome extension, not yet
functional
stats - some tooling for taking stats (just rsa key gen/sig
in JS for now)
To install a apache web site from this for the example.com domain
with all its files in /var/foo you need to do:
sudo make install-www ARGS="example.com /var/foo"
Check out www/doinst (which is the business end of the above) to
see what happens there *before* you do that in case your site
differs too much from what we've assumed. Our scripts assume you
want to setup a new VirtualHost that's a HOBA demo site, so if
that's not what you want you'll need to modify them.
Prerequisites for the server (more probably needed and we'll add
as we go):
- Linux (we use Ubuntu 12.04, other linuxes should be
fine), no idea about other platforms. Try it and
let us know.
- For the web server: Apache, redis, predis, mod_fgcid,
php-cgi, phpqrcode, rngtest,
- Things I use, maybe you don't need, not sure:
mod_spdy, wordpress
- Others: php, gcc, make, doxygen, curl, yui-compressor
and stuff I forgot:-)
Probably the simplest way to try out HOBA is on a new VirtualHost
on localhost - add some domain name to your local hosts file,
then use the make command above to install that.
One last note - read the FAQ [1] and please do only use HOBA over
TLS - it makes a lot more sense if you really want to use it.
And any questions or feedback, we'd appreciate if you use our
dev@hoba.ie mailiing list [2] so its archived and maybe useful to
someone else later.
Thanks,
Stephen & Kerry.
[1] https://hoba.ie/faq.html
[2] https://hoba.ie/hobalist
