Opened 5 years ago
Closed 5 years ago
#27 closed Enhancement (fixed)
Standard login system to go through PAM
| Reported by: | marcus | Owned by: | marcus |
|---|---|---|---|
| Priority: | high | Milestone: | |
| Component: | Version: | ||
| Severity: | major | Keywords: | |
| Cc: | brettp | Difficulty: |
Description
Hi all,
Currently I'm coding the LDAP plugin, but have run into an issue with
PAM. I falsely assumed everything was going through pam_authenticate(),
including the regular login but this isn't the case, so although an
authentication handler is registered, it will never get called. There
are two ways to go about this, one is creating a separate login box for
use with LDAP and an associated action, etc. or two, the regular
authenticate() goes through pam as well with the login action calling
pam_authenticate() exclusively.
I would prefer the second option, but that leaves the problem of current
authenticate() returning a User object whereas PAM authentication
handlers solely require to return a boolean. So they will also need to
return a User object to fit in this scheme. Thoughts?
Misja
Change History (2)
comment:1 Changed 5 years ago by marcus
- Owner set to marcus
- Status changed from new to assigned
comment:2 Changed 5 years ago by marcus
- Resolution set to fixed
- Status changed from assigned to closed
