On Tue, 28 Sep 2004 19:12:35 +0100 (BST), Jason Clifford <jason@xxxxxxxxxx> wrote: > On Tue, 28 Sep 2004, Jason DiCioccio wrote: > > > Thanks for the response. This module is actually designed for boxes > > that have quite a few IPs bound to them. I need to know what address > > the client is connecting to on the box. For example, I could have a > > box with 10.1.1.1 and 10.1.1.2 bound to it. If you connect to my > > server, I need to know if you're connecting to 10.1.1.1 or 10.1.1.2, > > this is part of our authentication. Is there a way for me to find > > this out? > > This seems to be a matter for the application rather than PAM - certainly > that's how I've always implemented such requirements. > > For example one of my apache servers, which does virtual hosting, uses > PAM to authenticate multiple sites - each from a different PAM > configuration. All I have to do is to ensure that I have mod_auth_pam > altered a little so the configuration is user selectable and then list the > relevant configuration in the access control definitions within apache. > > Similarly your application's calls to PAM should set the service to use > based upon the data it knows. > > Jason Clifford > -- > UKFSN.ORG Finance Free Software while you surf the 'net > http://www.ukfsn.org/ ADSL Broadband from just £22.50 / month > > Thanks Jason (wow, there's a lot of Jasons).. This was unfortunately the answer I was expecting. The reason behind the PAM module is so that we wouldn't have to modify the code for our various services each time we wanted to upgrade them. However, I suppose adding a couple of lines to the code is still a lot better than having to add ~200 lines. Thanks! Jason DiCioccio _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
