[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

PAM session vs. auth



Hi, I am moving between email clients, so I'm going to cut&paste a quote
from xyz:

"Personally, I'd say the "right" way to do this is to use your module in
the
'session' stack if possible, and in the 'acct' stack if the session
functions
aren't called." - Steve

Hmm, I have experimented with it being used in the auth stack but then it
logs the login even if the user is not authenticated simply because the
module is called. Is there a way for me to tell if the previous modules
have actually authenticated the user? I read the administrator's,
application developer's, and module writer's HOW-TO documents, but they
didn't [seem] to delve into any of this.

I suppose by using the acct stack I get past the authentication issue
entirely. However, can I assume that all services will actually use the
acct stack? I know that at a minimum they will be using the auth stack,
and that's why I went that route. It seems to me that the acct stack
presents the same problem as the session stack--not everyone will use it.

Thanks, Dustin





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []