river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gregg Wonderly <gr...@wonderly.org>
Subject Re: PAM - Pluggable Authentication Modules Any Ideas?
Date Wed, 12 May 2010 20:31:20 GMT
Peter Firmstone wrote:
> Anyone got any ideas for PAM in Apache River?

Currently, because JAAS is broken and providing no access to authentication APIs 
of the host OS, we'd have to provide JNI code to do authentication against PAM 
or other native authentication mechanisms, if done in the same JVM where less 
trust paranoia has to occur.  An external authentication service could be 
written which might bind to "localhost:xxx" and use an SSL cert based 
authentication to connect.  We could then use local native processes as 
authentication agents to authenticate Jini users.

My http://pastion.dev.java.net project includes a JNI based authentication API 
that uses PAM on linux.  There is/was a difference in APIs for Solaris vs Linux 
that might still need some customizations.  I am not familiar with what we'd 
need to use a windows based directory service.

Gregg Wonderly

View raw message