Web Server Design Assignment #4: Authentication

Slides:



Advertisements
Similar presentations
Web Server Design Week 4 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/03/10.
Advertisements

Web Server Design Assignment #1: Basic Operations Due: 02/03/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin.
Web Server Design Week 11 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 3/24/10.
Web Server Design Assignment #2: Conditionals & Persistence Due: 02/24/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010.
Web Server Design Week 13 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/7/10.
Web Server Design Assignment #4: Authentication Due: 04/14/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein.
Web Server Design Assignment #3: Transfer Encoding & Content Negotiation Due: 03/24/2010 Old Dominion University Department of Computer Science CS 495/595.
Web Server Design Assignment #5: Unsafe Methods & CGI Due: 05/05/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin.
Web Server Design Week 12 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 3/31/10.
Web Server Design Week 10 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 3/17/10.
Web Server Design Week 13 Old Dominion University Department of Computer Science CS 495/595 Spring 2012 Michael L. Nelson 04/03/12.
Web Server Design Week 3 Old Dominion University Department of Computer Science CS 495/595 Spring 2006 Michael L. Nelson 1/23/06.
Web Server Design Week 6 Old Dominion University Department of Computer Science CS 495/595 Spring 2006 Michael L. Nelson 2/13/06.
Web Server Design Assignment #5: Unsafe Methods & CGI
Web Server Design Assignment #2: Conditionals & Persistence
Web Server Design Week 11 Old Dominion University
Web Programming Assignment #1: Basic BBS Operations
Web Server Design Assignment #5 Extra Credit
Economics of Information Week 1
Web Server Design Week 4 Old Dominion University
Web Server Design Week 12 Old Dominion University
Introduction to Digital Libraries Assignment #3
Web Server Design Week 15 Old Dominion University
Web Server Design Week 5 Old Dominion University
Web Server Design Week 13 Old Dominion University
Web Server Design Assignment #2: Conditionals & Persistence
Web Server Design Week 16 Old Dominion University
Web Server Design Week 16 Old Dominion University
Introduction to Digital Libraries Assignment #3
Web Server Design Assignment #2: Conditionals & Persistence
Old Dominion University Department of Computer Science
Web Server Design Week 6 Old Dominion University
Web Server Design Week 10 Old Dominion University
Web Programming Assignment #2: Expanded BBS Features
Web Server Design Week 13 Old Dominion University
Web Programming Assignment #2: Expanded BBS Features
Web Server Design Week 13 Old Dominion University
Peer-to-Peer Information Systems Week 6: Assignment #4
Introduction to Digital Libraries Assignment #2
Introduction to Digital Libraries Assignment #3
Web Server Design Week 11 Old Dominion University
Web Server Design Week 5 Old Dominion University
Web Server Design Week 11 Old Dominion University
Web Server Design Week 3 Old Dominion University
Web Server Design Week 4 Old Dominion University
Web Programming Assignment #4: Searching & Notification
Web Server Design Week 16 Old Dominion University
Web Programming Assignment 4 - Extra Credit
Web Server Design Week 12 Old Dominion University
Web Programming Assignment 4 - Extra Credit
Web Server Design Week 12 Old Dominion University
Web Server Design Week 14 Old Dominion University
Web Server Design Assignment #1: Basic Operations
Peer-to-Peer Information Systems Assignment #3
Peer-to-Peer Information Systems Week 6: Assignment #4
Introduction to Digital Libraries Assignment #2
Web Programming Assignment #1: Basic BBS Operations
Peer-to-Peer Information Systems Week 6: Assignment #3
Introduction to Digital Libraries Assignment #3
Introduction to Digital Libraries Assignment #3
Peer-to-Peer Information Systems Assignment #2
Web Server Design Assignment #5 Extra Credit
Web Programming Assignment #1: Basic BBS Operations
Introduction to Digital Libraries Assignment #1
Peer-to-Peer Information Systems Week 12: Assignment #5
Old Dominion University Department of Computer Science
Web Programming Week 1 Old Dominion University
Introduction to Digital Libraries Assignment #4
Introduction to Digital Libraries Assignment #2
Web Programming Assignment #3: Admin and User Functions
Presentation transcript:

Web Server Design Assignment #4: Authentication Old Dominion University Department of Computer Science CS 495/595 Spring 2007 Michael L. Nelson <mln@cs.odu.edu>

Grading To be done by an automated program that will test most (all?) combinations assignment is listed under the day it is to be demoed in class each group will give a 3-4 minute status report the week before an assignment is due! If you have a question: email the class list mimic the behavior of a well known Apache server (e.g., www.cs.odu.edu)

Methods to Support Same as assignments 1-3

Status Codes to Support Same as assignments 1-3, plus: 401 Unauthorized

Request Headers Same as assignments 1-3, plus Authorization

Response Headers Same as assignments 1 -3, plus: WWW-Authenticate Authorization-Info

MIME Types, Encodings, etc. All of these as per assignments 1-3: MIME types Encoding types Character sets Languages

Authentication Implement Basic & Digest authentication as per RFC 2617 and Lectures 11 & 12 I’ll construct cnonces like this: md5(timestamp:method:URI:user:passwd)

Specifying Authentication Protection In your server configuration file: provide private key (any word or phrase) to use in generate nonce & opaque values (yes, this is not the safest way to do this…) provide a configurable value for how to protect directories: name = “WeMustProtectThisHouse!” http://www.youtube.com/watch?v=dnECY26PSHk all functions combined in a single file for simplicity (you would normally separate them) this file protects the directory it is in, and recursively protects all of its sub-directories

WeMustProtectThisHouse! Format (Basic) % cat WeMustProtectThisHouse\! # # Hashed lines are comments # order is not important, but here are # two special lines: authorization-type=Basic realm=“Lane Stadium” # always quote realm since it might have spaces # user format = name:md5(password) mln:d3b07384d113edec49eaa6238ad5ff00 bda:c157a79031e1c40f85931829bc5fc552 jbollen:66e0459d0abbc8cd8bd9a88cd226a9b2

WeMustProtectThisHouse! Format (Digest) % cat WeMustProtectThisHouse\! # # Hashed lines are comments # order is not important, but here are # two special lines: authorization-type=Basic realm=“Colonial Place” # always quote realm since it might have spaces # user format = name:md5(name:realm:password) bda:Colonial Place:b8e13248f7bb96682093c850d5c7da46 jbollen:Colonial Place:c5d7f97a6ac34b393ba2d252c7331d5a mln:Colonial Place:53bbb5135e0f39c1eb54804a66a95f08 vaona:Colonial Place:fbcc0f347e4ade65a337a4febc421c81