Page 1 of 1

Password-less authentication for web site

Posted: Fri Dec 08, 2006 3:25 pm
by amir
Hi All,

I'm looking for a way to allow users to "authenticate" on my web site without a password. Essentially doing the same as ssh public key authentication. I was hoping to to be able to email user who can access my site a certificate / token or something similar which they store on their machine. Then I would have a piece of PHP code to validate that certificate / token. If they could be validated then they could see the site - if not then they get redirected to another page explaining that access is denied.
Does anyone out ther have any ideas?

Thanks.

Posted: Fri Dec 08, 2006 3:27 pm
by Luke

Posted: Fri Dec 08, 2006 5:35 pm
by mibocote
You would need something that can interact with the clients filesystem (like a java applet) that can also interact with your server. You could also write a small firefox plugin that sends the key.

Posted: Fri Dec 08, 2006 11:10 pm
by neel_basu
You Can Use Use fso Object with AJAX

Posted: Sat Dec 09, 2006 1:37 am
by volka
Client certificate authentication is usually handled by the webserver (or a webserver module) not a php script.
e.g. http://www.modssl.org/docs/2.8/ssl_howt ... uth-simple