On Thu, 2009-07-16 at 10:52 -0400, John Almberg wrote: > I am trying to build a set of web applications that are accessed > through a web portal that uses a Single Sign On (SSO) solution.
Combine your SSO (LDAP mostly, Kerberos is a waking nightmare) with a 2FA/TFA (Second Factor Authentication) solution such as grid cards, FOBs, or an OTP password list. I recommend Entrust IdentityGuard. Our pam_radius works fine with it, and web application can run NSS functionality out of LDAP and PAM functionality out of Entrust's SOAP-XML Authentication API. ~BAS _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"