TYPO3 Neos Authentication System
Core-5.0 Authentication Subsystem
Summarizing the knowledge of existing authentication systems, researching (dis)/advantages and get an overview how to build a powerful authentication system that is powerful enough to use several of these backends.
Existing Authentication Systems
- Pluggable Authentication Modules (Linux/Solaris)
- Radius (AAA System)
- Windows Authentication Service
- Public Key Authentication (Cert based SSO) with information base in the backend
- Integrate Apache2 authentication mechanisms (would enable different mechanisms like sasl,pam,kerberos,ldap... and admins could simply define appropriate .htaccess files)
- Radiaus (not really supportable)
Hashing algorithms and the security level
Pluggable Authentication Modules
The "Pluggable Authentication Modules" (short PAM) is a very flexible and stackable authentication/... system and the industry standard of Linux and Solaris. To get a fast overview refer the presentation sheet of SUN PAM Presentation Sheet
Requirements for the Core-5.0 AAA System
- Split Authentication/Authorization/Accounting
- Use content repository / and any other backend driver (apache authentication/system authentication)
- Using LDAP inetorgperson as basic reference for user informations and MD5 as hashing algorithm?
- Splitting Authentication/Authorization/Accounting and implementing the "PAM core"?
- Researching the API requirements to lay on top of content repository with one leg, on other systems with the other leg?