[LON-CAPA-admin] local auth

Guy Albertelli II guy at albertelli.com
Fri Dec 5 15:17:10 EST 2003

Hi Hon-Kie,

> Recently - the day before Thanksgiving - the certificate for our local auth 
> expires. After getting the new certificate, it was quite a fiddle to get it 
> to work and this brings my questions. What are the necessary steps required 
> to update localauth.pm? From my experiments, it seems to go something like 
> this:
> 1. Update the certificate at the library server.
> 2. Restart loncontrol

That is correct.

> 3. Restart httpd (may not be necessary)

This isn't needed but doesn't hurt.

> The problem was I started by updating the certificate on an access server 
> and no matter what I did, I could not get it to work. It seems it is not 
> necessary the cert on the access server. Am I right? If so, then 
> localauth.pm is not used by the access server??

Correct, all authentication takes place on the user's homeserver.

Access servers are dumb.

(This is done, because only the home server knows how to authenticate
the user, if an fsu student logs into a msu access server, you
wouldn't want the msu access server to have to have your localauth.pm
and certificates, and ...)

guy at albertelli.com  LON-CAPA Developer  0-7-5-2-

More information about the LON-CAPA-admin mailing list