210 lines
3.7 KiB
HTML
210 lines
3.7 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Access control in NNTPd</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
|
|
"><LINK
|
|
REL="HOME"
|
|
TITLE="Usenet News HOWTO "
|
|
HREF="index.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Security issues"
|
|
HREF="x758.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Components of a running system"
|
|
HREF="component.html"></HEAD
|
|
><BODY
|
|
CLASS="SECTION"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Usenet News HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x758.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
></TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="component.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECTION"
|
|
><H1
|
|
CLASS="SECTION"
|
|
><A
|
|
NAME="AEN818">8. Access control in NNTPd</H1
|
|
><P
|
|
>The original NNTPd had host-based authentication which allowed clients
|
|
connecting from a particular IP address to read only certain newsgroups.
|
|
This was very clearly inadequate for enterprise deployment on an
|
|
Intranet, where each desktop computer has a different IP address, often
|
|
DHCP-assigned, and the mapping between person and desktop is not static.</P
|
|
><P
|
|
>What was needed was a user-based authentication, where a username and
|
|
password could be used to authenticate the user. Even this was provided
|
|
as an extension to NNTPd, but more was needed. The corporate IS manager
|
|
needs to ensure that certain Usenet discussion groups remain visible only
|
|
to certain people. This authorisation layer was not available in NNTPd.
|
|
Once authenticated, all users could read all newsgroups.</P
|
|
><P
|
|
>We have extended the user-based authentication facility in NNTPd in some
|
|
(we hope!) useful ways, and we have added an entire authorisation layer
|
|
which lets the administrator specify which newsgroups each user can
|
|
read. With this infrastructure, we feel NNTPd is fit for enterprise
|
|
deployment and can be used to handle corporate document repositories,
|
|
messages, and discussion archives. Details are given below.</P
|
|
><DIV
|
|
CLASS="SECTION"
|
|
><H2
|
|
CLASS="SECTION"
|
|
><A
|
|
NAME="AEN823">8.1. Host-based access control</H2
|
|
><P
|
|
>TO BE ADDED LATER</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECTION"
|
|
><H2
|
|
CLASS="SECTION"
|
|
><A
|
|
NAME="AEN826">8.2. User authentication and authorisation</H2
|
|
><DIV
|
|
CLASS="SECTION"
|
|
><H3
|
|
CLASS="SECTION"
|
|
><A
|
|
NAME="AEN828">8.2.1. The NNTPd password file</H3
|
|
><P
|
|
>TO BE ADDED LATER</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECTION"
|
|
><H3
|
|
CLASS="SECTION"
|
|
><A
|
|
NAME="AEN831">8.2.2. Mapping users to newsgroups</H3
|
|
><P
|
|
>TO BE ADDED LATER</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECTION"
|
|
><H3
|
|
CLASS="SECTION"
|
|
><A
|
|
NAME="AEN834">8.2.3. The <TT
|
|
CLASS="LITERAL"
|
|
>X-Authenticated-Author</TT
|
|
> article header</H3
|
|
><P
|
|
>TO BE ADDED LATER</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECTION"
|
|
><H3
|
|
CLASS="SECTION"
|
|
><A
|
|
NAME="AEN838">8.2.4. Other article header additions</H3
|
|
><P
|
|
>TO BE ADDED LATER</P
|
|
></DIV
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x758.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="component.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Security issues</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Components of a running system</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |