Apache::AuthPAM - Authenticate apache request using PAM services
# /etc/httpd.conf <Directory /var/www/https/secured-area/> AuthType Basic AuthName "your server account" PerlAuthHandler Apache::AuthPAM PerlSetVar PAMservice check_user require valid-user </Directory> # /etc/pam.d/check_user #%PAM-1.0 auth required /lib/security/pam_pwdb.so nodelay account required /lib/security/pam_pwdb.so
This perl module is designed to work with mod_perl and the Authen::PAM module.
You can select the PAM service setting the perl var PAMservice
PerlSetVar PAMservice the-pam-service-you-want
You can select different PAM services for different directories or locations in your web server filesystem space.
Apache::AuthPAM works as follows:
First, it calls pam_start with the selected service. Second, it calls pam_authenticate with the browser/apache supplied username and password. Later, it calls pam_acct_mgmt. And finally it calls pam_end. If any of the PAM functions fail, Apache::AuthPAM logs an info level message and returns AUTH_REQUIRED. If all PAM functions are succesfull, Apache::AuthPAM logs an info level message and returns OK.
pam_start
pam_authenticate
pam_acct_mgmt
pam_end
AUTH_REQUIRED
OK
If you are going to use your system password database, you MUST also use mod_ssl.
I'am using a global symbol.
Apache::AuthPAM is running as the same user mod_perl is running (on RedHat Linux it is apache). It is running without privileges.
Héctor Daniel Cortés González <hdcg@cie.unam.mx>
Apache::AuthPAM is a direct adaptation of Demetrios E. Paneras' <dep@media.mit.edu> Apache::AuthenNISplus. Authen::PAM is written by Nikolay Pelov <nikip@iname.com>. The sample PAM application check_user.c was contribuited by Shane Watts with modifications by AGM.
This apache perl module is Free Software, and can be used under the terms of the GNU General Public License v2.0 or later.
perl, mod_perl, mod_ssl, Authen::PAM, Linux-PAM
1 POD Error
The following errors were encountered while parsing the POD:
Non-ASCII character seen before =encoding in 'Héctor'. Assuming CP1252
To install Apache::AuthPAM, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Apache::AuthPAM
CPAN shell
perl -MCPAN -e shell install Apache::AuthPAM
For more information on module installation, please visit the detailed CPAN module installation guide.