The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.

NAME

Apache::AuthPAM - Authenticate apache request using PAM services

SYNOPSIS

  # /etc/httpd.conf
  <Directory /var/www/https/secured-area/>
     AuthType Basic
     AuthName "your server account"
     PerlAuthHandler Apache::AuthPAM
     PerlSetVar PAMservice check_user
     require valid-user
  </Directory>

  # /etc/pam.d/check_user
  #%PAM-1.0
  auth        required    /lib/security/pam_pwdb.so nodelay
  account     required    /lib/security/pam_pwdb.so

DESCRIPTION

This perl module is designed to work with mod_perl and the Authen::PAM module.

You can select the PAM service setting the perl var PAMservice

  PerlSetVar PAMservice the-pam-service-you-want

You can select different PAM services for different directories or locations in your web server filesystem space.

Apache::AuthPAM works as follows:

First, it calls pam_start with the selected service. Second, it calls pam_authenticate with the browser/apache supplied username and password. Later, it calls pam_acct_mgmt. And finally it calls pam_end. If any of the PAM functions fail, Apache::AuthPAM logs an info level message and returns AUTH_REQUIRED. If all PAM functions are succesfull, Apache::AuthPAM logs an info level message and returns OK.

If you are going to use your system password database, you MUST also use mod_ssl.

BUGS

I'am using a global symbol.

Apache::AuthPAM is running as the same user mod_perl is running (on RedHat Linux it is apache). It is running without privileges.

AUTHOR

Héctor Daniel Cortés González <hdcg@cie.unam.mx>

CREDITS

Apache::AuthPAM is a direct adaptation of Demetrios E. Paneras' <dep@media.mit.edu> Apache::AuthenNISplus. Authen::PAM is written by Nikolay Pelov <nikip@iname.com>. The sample PAM application check_user.c was contribuited by Shane Watts with modifications by AGM.

COPYRIGHT

This apache perl module is Free Software, and can be used under the terms of the GNU General Public License v2.0 or later.

SEE ALSO

perl, mod_perl, mod_ssl, Authen::PAM, Linux-PAM

1 POD Error

The following errors were encountered while parsing the POD:

Around line 185:

Non-ASCII character seen before =encoding in 'Héctor'. Assuming CP1252