Conversation function with both user and password prompt

[Thorsten Kukuk]

On Tue, Sep 25, Richter, Jörg wrote:

> I wrote an application with my own conversation function to display and answer the pam requests with the help of a gui. 
> 
> I also included support for multiple pam_message's in one conversation call.  This has the benefit to present the user only one dialog with two input field for user and password. 
> 
> But pam doesn't seem to use this functionality.  It always calls the conversation function two times (resulting in two dialogs).

Since there are two ways of how to handle multiple pam_messages in one
conversation call (Linux-PAM and Solaris are different/incompatbile here),
most PAM modules don't use this feature of the conversation interface.

> I know that every pam module can decide for itself what messages it wants to query from the application. But is there a way to force i.e. pam_unix to call the conversation function with user and password?

There is no way to force a module of how it should query for 
user and password.

> I can also imagine a pam module that queries user and password with one conversation call and stores it in pam_handle_t. Than tell pam_unix somehow to use this items instead of making new calls. 
> Is this possible? Does this imaginary pam module exist?

This should be possible, but I don't know about such a existing
module.

  Thorsten

-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)