[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

mod_auth_pam: Patch for session and credential support


I just submitted a patch for mod_auth_pam. (http://sourceforge.net/tracker/index.php?func=detail&aid=1234157&group_id=6663&atid=306663)

This patch enables mod_auth_pam to create a PAM session and to use PAM credentials for a request. The behavior can be configured per directory with the directive AuthPAM_SetCred (on|off, default is off). If on, pam_open_session and pam_setcred will be called. This is useful on AFS if you need the AFS-Token during the request. In this case the logger function is used to destroy the token.
The PAM handle is stored for each request in a memory pool that is allocated for this request and automatically removed after the request is done and the session has been closed.

The original patch was written for mod_auth-Pam for Apache 1.3 at the TU Chemnitz. We modified it for mod_auth_pam for Apache 2.

The patch can be used for the original mod_auth_pam for Apache 2 and for the patched version with the PAM servicename as a configuration option (which I find very useful, see http://sourceforge.net/tracker/index.php?func=detail&aid=1058140&group_id=6663&atid=306663)

I'm new to PAM, AFS and Apache programming and my C is rusty, so feedback is welcome.

Berthold Cogel

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]