Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Server Design Assignment #4: Authentication Due: 04/14/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein.

Published byRudolf Barton Modified over 8 years ago

Similar presentations

Presentation on theme: "Web Server Design Assignment #4: Authentication Due: 04/14/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein."— Presentation transcript:

1 Web Server Design Assignment #4: Authentication Due: 04/14/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein

2 Grading To be done by an automated program that will test most (all?) combinations –assignment is listed under the day it is to be demoed in class –each group will give a 3-4 minute status report the week before an assignment is due! If you have a question: –email the class list –mimic the behavior of a well known Apache server (e.g., www.cs.odu.edu)

3 Methods to Support Same as assignments 1-3

4 Status Codes to Support Same as assignments 1-3, plus: –401 Unauthorized

5 Request Headers Same as assignments 1-3, plus –Authorization

6 Response Headers Same as assignments 1 -3, plus: –WWW-Authenticate –Authorization-Info

7 MIME Types, Encodings, etc. All of these as per assignments 1-3: –MIME types –Encoding types –Character sets –Languages

8 Authentication Implement Basic & Digest authentication as per RFC 2617 and Lectures 10 & 11 I’ll construct cnonces like this: –md5(timestamp:method:URI:user:passwd)

9 Specifying Authentication Protection In your server configuration file: –provide private key (any word or phrase) to use in generate nonce & opaque values (yes, this is not the safest way to do this…) –provide a configurable value for how to protect directories: name = “WeMustProtectThisHouse!” –http://www.youtube.com/watch?v=dnECY26PSHkhttp://www.youtube.com/watch?v=dnECY26PSHk all functions combined in a single file for simplicity (you would normally separate them) this file protects the directory it is in, and recursively protects all of its sub-directories

10 WeMustProtectThisHouse! Format (Basic) % cat WeMustProtectThisHouse\! # # Hashed lines are comments # order is not important, but here are # two special lines: # authorization-type=Basic realm=“Folks-Stevens Indoor Tennis Center” # always quote realm since it might have spaces # # user format = name:md5(password) # mklein:d3b07384d113edec49eaa6238ad5ff00 bda:c157a79031e1c40f85931829bc5fc552 jbollen:66e0459d0abbc8cd8bd9a88cd226a9b2

11 WeMustProtectThisHouse! Format (Digest) % cat WeMustProtectThisHouse\! # # Hashed lines are comments # order is not important, but here are # two special lines: # authorization-type=Digest realm=“Colonial Place” # always quote realm since it might have spaces # # user format = name:md5(name:realm:password) # mklein:Colonial Place:53bbb5135e0f39c1eb54804a66a95f08 bda:Colonial Place:b8e13248f7bb96682093c850d5c7da46 jbollen:Colonial Place:c5d7f97a6ac34b393ba2d252c7331d5a

12 Keep in mind: Status report in 1 week!

13 START NOW!!!

Download ppt "Web Server Design Assignment #4: Authentication Due: 04/14/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein."

Similar presentations

The Elbert HTTP Server HTTP Authentication, providing security in tough times By: Shawn M. Jones.

The Elbert HTTP Server HTTP Authentication, providing security in tough times By: Shawn M. Jones.
The Basic Authentication Scheme of HTTP. Access Restriction Sometimes, we want to restrict access to certain Web pages to certain users A user is identified.

The Basic Authentication Scheme of HTTP. Access Restriction Sometimes, we want to restrict access to certain Web pages to certain users A user is identified.
WEB2P security Java web application security Dr Jim Briggs.

WEB2P security Java web application security Dr Jim Briggs.
Hypertext Transport Protocol CS - 328 Dick Steflik.

Hypertext Transport Protocol CS Dick Steflik.
Web Server Design Week 5 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/10/10.

Web Server Design Week 5 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/10/10.
CP476 Internet Computing CGI1 CGI is a common way to provide for specific computations on server side, interactions with users, or access to databases.

CP476 Internet Computing CGI1 CGI is a common way to provide for specific computations on server side, interactions with users, or access to databases.
Web Server Design Week 14 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/14/10.

Web Server Design Week 14 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/14/10.
Department of Information Technology Chapter 8 - Creating Hypertext links Lecturer: Ms Melinda Chung.

Department of Information Technology Chapter 8 - Creating Hypertext links Lecturer: Ms Melinda Chung.
Web Programming Assignment #4: Searching & Notification due 12/14/2010 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin.

Web Programming Assignment #4: Searching & Notification due 12/14/2010 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin.
Web Programming Assignment #2: Expanded BBS Features due: 10/26/2010 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin.

Web Programming Assignment #2: Expanded BBS Features due: 10/26/2010 Old Dominion University Department of Computer Science CS 418/518 Fall 2010 Martin.
Web Server Design Week 8 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 3/3/10.

Web Server Design Week 8 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 3/3/10.
Web Server Design Week 4 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/03/10.

Web Server Design Week 4 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/03/10.
Web Server Design Assignment #1: Basic Operations Due: 02/03/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin.

Web Server Design Assignment #1: Basic Operations Due: 02/03/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin.
Web Server Design Week 11 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 3/24/10.

Web Server Design Week 11 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 3/24/10.
Web Server Design Assignment #2: Conditionals & Persistence Due: 02/24/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010.

Web Server Design Assignment #2: Conditionals & Persistence Due: 02/24/2010 Old Dominion University Department of Computer Science CS 495/595 Spring 2010.
Web Server Design Week 2 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 1/20/10.

Web Server Design Week 2 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 1/20/10.
Web Server Design Week 7 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/24/10.

Web Server Design Week 7 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 2/24/10.
Web Server Design Week 13 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/7/10.

Web Server Design Week 13 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/7/10.
Web Server Design Week 15 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/21/10.

Web Server Design Week 15 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein 4/21/10.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

Similar presentations

Ads by Google