Ian Bicking: the old part of his blog

Re: More on single-signon

I am also interested in mod_auth_tkt.

I didn't already try it but mod_auth_tkt seems to be THE solution I am looking for performant, secure and cheap authentication. With this solution, the authentication phase (password control) is independent of the access phase (ticket control). So you can use a normal php page to check the password, you can use your own password encryption for transmission on the net (better than basic authentication!!!) and you can put the passwords and users in a mySql database (better than .htpasswd files). No need for expensive SSL and certificate. You must just create the ticket cookie in your "password check" php page.

BUT there are 2 problems : it doesn't work if "servername" is used in the config file. Thus I suppose it cannot be used for hosting (shared web server). In addition, there is not yet a version for Apache 2.

If you have solutions for these 2 problems, I am interested.

Comment on More on single-signon
by Regloor