On Wed, 2003-01-08 at 16:52, Steve Langasek wrote: > On Wed, Jan 08, 2003 at 04:16:02PM -0200, Leandro Rodrigo Saad Cruz wrote: > > Hi all. I've never written a module to authenticate users with PAM. Now > > I have to do it using MSSQL server and allow the user if he has the > > right permission set on a table, like this : > > > username password hasEmailAccount hasWebAccount hasXXXAcount > > leandro leandro true false false > > > So, for example, if want to check my emails on a popd, I will, but I > > can't use the web through squid or XXX. > > > Is it possible to write a module to do this without changing the client > > application ? ( using the conversation mechanism ). > > I know of modules that do the same thing for mysql and pgsql, so it is > possible. The 'hasXXXAccount' could be handled within the module by > mapping service names to database fields. Can you point me any of these modules ? > > >From a security standpoint, it is not recommended to use a networked, > plaintext protocol SQL database for your PAM backend. you are right, we are using it in a very restricted portion of our network. > > -- > Steve Langasek > postmodern programmer -- Leandro Rodrigo Saad Cruz IT - Inter Business Tecnologia e Servicos (IB) http://www.ibnetwork.com.br http://jakarta.apache.org/ojb _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
