[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Autentication in CGIs via PAM


I'm writing a system administration tool with, among many things, a CGI
frontend.  This CGI needs to authenticate users before allowing them access to
certain functions.

To be compatible with whatever password database I'm going to use on my system,
I would like to use PAM to do the authentication, but the concept of the
conversational function badly fits with the stateless approach of CGI

I have two problems right now:
 1) The conversational function would need to write an HTML form and exit, to
    find its data in the next invocation of the program, and it seems
    impossible to me to code that;
 2) In the conv. function, I know how to prompt the user for input, but I don't
    know what input I'm prompting for; this makes things difficult for two
     a) it's difficult to provide user friendly or internationalized forms, or
        forms with a little help on what are they asking about;
     b) if I work around problem 1) asking for data on a special form before
	calling the conversational function, I don't know how to associate user
	fields with the appropriate PAM questions, besides using the PAM prompt
	as a key; this approach could solve many things, but what warranties do
	I have that the prompts will never change?

				Read you soon! Enrico

GPG public key available on finger -l zinie@cs.unibo.it

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []