Re: [hylafax-users] PAM authentication and JobProtection

[Giuseppe Sacco <giuseppe@xxxxxxxxxxxxxxxxxxxxxxxxx>]

Il giorno ven, 10/12/2010 alle 12.00 -0500, Aidan Van Dyk ha scritto:
[...]
> PAM is "authentication only".  So, on systems that use LDAP for system
> users, etc, you always have to couple libpam-ldap and libnss-ldap.
> 
> PAM provides the "authentication" half, and then NSS provided all the
> "name services" like  unix user/group.

Is there any other mechanism that provide both authentication and "name
services", or authentication and "identities"?

> So if we don't want to require the *system* to use LDAP for NSS, we're
> going to have to go directly to "backend direct" like LDAP.  Of
> course, that means we loose the ability to plug into anything else
> easily (like databases, pwdfile, etc).  That means moving from runtime
> flexibility, to compile-time selection of what to include.  If we want
> to go that way, we really should go to a "loadable module" type
> interface, so that packagers don't have to force HylaFAX to depend on
> everything (like all of ldap, libmysql, libpq, and whatever type of
> authentication mechanism we decide to build in directly).

Is there any alread yavailable framework for this? Would SASL be a good
choice?

Bye,
Giuseppe


____________________ HylaFAX(tm) Users Mailing List _______________________
  To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
 On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
  *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*