LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 04-21-2018, 08:19 PM   #1
des_a
Member
 
Registered: Sep 2006
Posts: 855
Blog Entries: 33

Rep: Reputation: 20
Web Development: How to Password Protect a Site - Like Routers and LQ


Don't know if these are what I need or not:

https://www.linuxquestions.org/quest...er-4175449238/

https://www.linuxquestions.org/quest...he-web-429148/

https://www.linuxquestions.org/quest...ectory-139462/

...

Just looking for general information for now about it. I'm thinking it should be sort of like routers, and also sort of like LQ.

I'm thinking, that for the long term, I'd like to do this:

* Have a backend for users and passwords, which may eventually get large, but since we're dealing with .txt files underneath, it would take awhile to fill up a 10GB hard drive, even with the underlying OS.

* This backend, would probably be a type of NIS or NIS+

* I'd want to hook this up with Samba, right away, where I have Samba running and Samba gets the info from that server. Maybe later, throw LDAP somewhere in the mix, but not for now.

This is what I call my Identity Information Server, or IIS.

* Then, after I have the IIS, I want to hook that up to things like websites, by using the login information from there, to authenticate on the website.

I'd like it to be self-sign up with a custom form, but that'd come later, after I prove that this part will work.

This would somehow be separate, but with a type of special link, to my regular login system, which for now, I'm developing. That way, people on the IIS, have access to my network, but it's somehow isolated, and regular logins work. Regular logins are just for basic network access. People on the IIS, on the other hand, would be able to sit at a computer and login with their credentials as well, but would also be able to access web services of certain types.

Later, for my own OSs, this would be one thing I'd want to add into the code for logins. In this way, things are sort of like a Google Account, or Microsoft Account. One login for everything. Maybe it works like Google logins. But maybe, I can actually separate the services too, so that each service has to be enabled from a dash-board or something. I don't want to allocate disk space for every service each time a user is created, or something like that. Mainly here, I'm concerned with disk space. If no disk space is used, it could work more like Google, everything is there, whether you use it or not.

The long term goal, is to create a new platform for single sign on, where users can use my system, and have access to my services. However, once it gets to that point, I'd want a system that would allow them to create accounts here, using the authority of other popular single sign on systems, such as Google, Microsoft, and Facebook. The default they should use on my system, is an e-mail address and a username, like LQ.

Whichever way they sign up for my system, it should give them access to my system. Basically, if someone uses my interface for logging on to their site, it should provide access to all of those major services, without breaking those terms of service or anything. However, it should make sure the user knows this, and it should make sure the user has details. The access to those other things, would be options, they could turn on or off. And like I said, they could use an account that they already created for those sites to login to my system, and create an account that way, which would not create a new account at that service or anything.

That's the idea of what I want to do. For now, I just need some basic knowledge of whether my concept is sound, and some basic examples of logging onto my system, with that type of back end. Both some code/configuration to access the account, and some to create the account. This kind of setup is not going to happen or be coded overnight for me.

The next actual step, is to finish the standards for users and groups on my network, and then to begin to implement that. First, I use local management everywhere. Then, I move to centralized PDCs, and implement that without completely doing away with the other.

Then, I add a Microsoft Account interface, and in the case of Androiod, make sure my Google Account interface is good to go, and those are linked with both the Microsoft accounts and PDC/Local accounts.

That would be my basics. Then, I can start to implement the IIS, and figure out how it will be linked to the other system, as a type of a user-gateway, or something. It's semi-linked to local management, but almost directly linked to PDCs. Then, I actually add code in websites and stuff needed for that. Anything, whether this is "normally" bad practice or not, that creates a user in the web sites, will create a user in Linux, ultimately. In this case, that practice is okay. There will be enough security in place. The only place it will be creating those users, will be on the IIS. However I do it, they may or may not have high permissions on the IIS and some other places, but in general, on the network as a whole, they would have pretty low permissions. Especially, on the internal structure.

Hope this question isn't too odd, or general to answer.
 
Old 04-21-2018, 08:31 PM   #2
des_a
Member
 
Registered: Sep 2006
Posts: 855

Original Poster
Blog Entries: 33

Rep: Reputation: 20
One of the reasons I want to bridge them like this, is because there are too mamy existing single sign on's. I want to create my own, but I don't want people to have to choose between using mine or using theirs, as such. I want to be able to provide access to my services with single sign on. However, I don't want to make users choose mine for single sign on, just to get my services. I also, don't want choosing mine to mean that they can't use others, if that is all they want to use for single sign on.

Eventually, mine would work a lot like Microsoft Accounts for my own OSs. They would allow settings to be transferred over to different devices, but mine would also have other concepts, such as local accounts, like Microsoft has.
 
Old 04-21-2018, 09:09 PM   #4
des_a
Member
 
Registered: Sep 2006
Posts: 855

Original Poster
Blog Entries: 33

Rep: Reputation: 20
They start to give me ideas on how it could work...

I probably don't want a user to automatically have access to every service with a login, even if it doesn't take up disk space. I want them to have access to a dashboard, and just that first. Then they have to choose which to give access to, and then their single sign on will give access to the chosen things. I don't know how that would work, but I think that's how I want it to operate.
 
Old 04-21-2018, 09:10 PM   #5
des_a
Member
 
Registered: Sep 2006
Posts: 855

Original Poster
Blog Entries: 33

Rep: Reputation: 20
For now, I don't want to see complete code examples or anything. I want to see snippets, or test HTML pages, that would have this information implemented. And to know if the theory is sound. If the theory is not sound, I can forget it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
password protect web server lleb Linux - Newbie 9 02-10-2013 02:11 PM
Password protect web folders dilemma rectospander Linux - Server 2 07-19-2007 03:28 AM
Password Protect Web Dir ALInux Linux - Security 9 08-11-2006 01:16 PM
How do I password protect ~/public_html on the web? brynjarh Linux - Security 2 03-29-2006 02:11 PM
How to password protect a web directory abdulber Linux - Software 1 01-28-2004 12:34 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 06:43 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration