Forum OpenACS Development: Re: RFC: External Authentication

Collapse
Posted by Oscar Bonilla on
Regarding PAM...

Let's not forget that PAM deals with authentication and *only* authentication. There's no way to find out the user's names, or any information whatsoever about the user via PAM. That's what the name service switch (/etc/nsswitch.conf) is for.

In the OS world, you can configure different sources for authentication (PAM) and account information (NSS). I think we should also separate authentication from information retrieval for account creation. What if I want my users to authenticate using LDAP but want to get their information from another source (like another database)?

Just a thought...

Regards,

-Oscar