mod_auth_pam: Patch for session and credential support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello!

I just submitted a patch for mod_auth_pam. (http://sourceforge.net/tracker/index.php?func=detail&aid=1234157&group_id=6663&atid=306663)

This patch enables mod_auth_pam to create a PAM session and to use PAM credentials for a request. The behavior can be configured per directory with the directive AuthPAM_SetCred (on|off, default is off). If on, pam_open_session and pam_setcred will be called. This is useful on AFS if you need the AFS-Token during the request. In this case the logger function is used to destroy the token. The PAM handle is stored for each request in a memory pool that is allocated for this request and automatically removed after the request is done and the session has been closed.

The original patch was written for mod_auth-Pam for Apache 1.3 at the TU Chemnitz. We modified it for mod_auth_pam for Apache 2.

The patch can be used for the original mod_auth_pam for Apache 2 and for the patched version with the PAM servicename as a configuration option (which I find very useful, see http://sourceforge.net/tracker/index.php?func=detail&aid=1058140&group_id=6663&atid=306663)

I'm new to PAM, AFS and Apache programming and my C is rusty, so feedback is welcome.

Berthold Cogel

_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux