Apache::AuthPAM - Authenticate apache request using PAM services
# /etc/httpd.conf <Directory /var/www/https/secured-area/> AuthType Basic AuthName "your server account" PerlAuthHandler Apache::AuthPAM PerlSetVar PAMservice check_user require valid-user </Directory> # /etc/pam.d/check_user #%PAM-1.0 auth required /lib/security/pam_pwdb.so nodelay account required /lib/security/pam_pwdb.so
This perl module is designed to work with mod_perl and the Authen::PAM module.
You can select the PAM service setting the perl var PAMservice
PerlSetVar PAMservice the-pam-service-you-want
You can select different PAM services for different directories or locations in your web server filesystem space.
Apache::AuthPAM works as follows:
First, it calls
pam_start with the selected service. Second, it calls
pam_authenticate with the browser/apache supplied username and password. Later, it calls
pam_acct_mgmt. And finally it calls
pam_end. If any of the PAM functions fail, Apache::AuthPAM logs an info level message and returns
AUTH_REQUIRED. If all PAM functions are succesfull, Apache::AuthPAM logs an info level message and returns
If you are going to use your system password database, you MUST also use mod_ssl.
I'am using a global symbol.
Apache::AuthPAM is running as the same user mod_perl is running (on RedHat Linux it is apache). It is running without privileges.
Héctor Daniel Cortés González <email@example.com>
Apache::AuthPAM is a direct adaptation of Demetrios E. Paneras' <firstname.lastname@example.org> Apache::AuthenNISplus. Authen::PAM is written by Nikolay Pelov <email@example.com>. The sample PAM application check_user.c was contribuited by Shane Watts with modifications by AGM.
This apache perl module is Free Software, and can be used under the terms of the GNU General Public License v2.0 or later.