Return-Path: Delivered-To: apmail-shiro-user-archive@www.apache.org Received: (qmail 52153 invoked from network); 17 Feb 2011 20:01:38 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 17 Feb 2011 20:01:38 -0000 Received: (qmail 53031 invoked by uid 500); 17 Feb 2011 20:01:38 -0000 Delivered-To: apmail-shiro-user-archive@shiro.apache.org Received: (qmail 52951 invoked by uid 500); 17 Feb 2011 20:01:37 -0000 Mailing-List: contact user-help@shiro.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@shiro.apache.org Delivered-To: mailing list user@shiro.apache.org Received: (qmail 52943 invoked by uid 99); 17 Feb 2011 20:01:37 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 17 Feb 2011 20:01:37 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [209.85.214.45] (HELO mail-bw0-f45.google.com) (209.85.214.45) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 17 Feb 2011 20:01:32 +0000 Received: by bwz16 with SMTP id 16so3230523bwz.32 for ; Thu, 17 Feb 2011 12:01:11 -0800 (PST) MIME-Version: 1.0 Received: by 10.204.60.17 with SMTP id n17mr2131098bkh.190.1297972870317; Thu, 17 Feb 2011 12:01:10 -0800 (PST) Sender: les.hazlewood@anjinllc.com Received: by 10.204.4.72 with HTTP; Thu, 17 Feb 2011 12:01:10 -0800 (PST) In-Reply-To: <1297971372005-6037285.post@n2.nabble.com> References: <1297971372005-6037285.post@n2.nabble.com> Date: Thu, 17 Feb 2011 12:01:10 -0800 X-Google-Sender-Auth: ROt1Qwua6Wt2wT5geSk3kMRvywU Message-ID: Subject: Re: Shiro Realm for Unix PAM From: Les Hazlewood To: user@shiro.apache.org Content-Type: text/plain; charset=UTF-8 H Philippe, Thanks for sharing with us - this is cool! Best, Les P.S. Thanks to the Shiro team for a great project in general - I'm only part of the overall team :) On Thu, Feb 17, 2011 at 11:36 AM, Philippe Laflamme wrote: > > Hi, > > I was asked recently if my Java web app could use unix PAM subsystem for > authenticating users. The sys admins would like that because they control > the authentication configuration that way. After looking for an answer I > ended up finding Koshuke's libpam4j which uses JNA to talk to the system's > libpam. The next logical step was to use this inside my favorite security > library... > > Since Shiro is so nice, it took like 5 minutes to write a Realm > implementation that leverages libpam4j. The result is that you can use Shiro > to authenticate users against the OS's mechanism (which in turn can > authenticate against pretty much anything). > > I took the liberty to create an improvement in JIRA here: > https://issues.apache.org/jira/browse/SHIRO-269 > > The realm implementation is available here: > https://github.com/plaflamme/shiro-libpam4j > > Thanks to Les and Koshuke for writing their libs so nicely that it made > writing this so trivial! > > Cheers, > Philippe