Shared libraries for WebAuth authentication
WebAuth is a cookie-based web authentication system built on top of
Kerberos. It relies on a central authentication server that handles all
user authentication for a domain and creates user authentication
credentials for any web server that needs strong authentication.
This package contains the shared library used by the WebAuth modules,
Perl bindings, and command-line utilities. It does token encoding and
decoding and other lower-level parts of the WebAuth protocol.
webauth (3.6.0-1+lenny1) stable-proposed-updates; urgency=high
* CVE-2009-2945: When generating a redirect to test for cookie support,
be sure not to include a password in the URL. Reject
username/password logins via methods other than POST.
* If the user submits the login form via POST without the test cookie,
assume the browser supports cookies and don't probe.
-- Russ Allber
WebAuth Change History
WebAuth 3.6.0 (2008-03-22)
*) Allocate all note keys and values in the top-most request pool in
mod_webauth, avoiding problems with prematurely freed internal data
structures. This fixes problems with checking access permissions of
subdirectories in mod_autoindex and may have fixed problems elsewhere.
Thanks to Ian Ward Comfort f
Packaged for Debian by Russ Allbery <email@example.com> 2004-06-23
It was downloaded from:
The WebAuth v3 protocol and core implementation was written by Roland
Schemers, based on design documents by the entire Stanford WebAuth
team (with considerable work by Tim Torgenrud and Booker Bense) and
based in part on the fu
Browse inside libwebauth1_3.6.0-1+lenny1_i386.deb
Results 1 - 1 of 1Search over 15 billion files
© 1997-2016 FileWatcher.com