Pam

public class Pam implements UserSource

PAM UserSource for authenticating users via the Host’s pam module.

A User’s existence check and the retrieval of a user’s groups is done by the org.jvnet.libpam library.

The authentication of a user via the password need root-access and is therefore done by a special shell script running with root privileges on the host.

Author:

Timm Fitschen (t.fitschen@indiscale.com)

Fields

CACHE_REGION_AUTH

public static final String CACHE_REGION_AUTH

CACHE_REGION_GROUPS

public static final String CACHE_REGION_GROUPS

CACHE_REGION_USER_EXIST

public static final String CACHE_REGION_USER_EXIST

DEFAULT_PAM_SCRIPT

public static final String DEFAULT_PAM_SCRIPT

KEY_DEFAULT_USER_STATUS

public static final String KEY_DEFAULT_USER_STATUS

KEY_EMAIL

public static final String KEY_EMAIL

KEY_EXCLUDE

public static final String KEY_EXCLUDE

KEY_GROUP

public static final String KEY_GROUP

KEY_INCLUDE

public static final String KEY_INCLUDE

KEY_PAM_SCRIPT

public static final String KEY_PAM_SCRIPT

KEY_ROLES

public static final String KEY_ROLES

KEY_USER

public static final String KEY_USER

REGEX_SPLIT_CSV

public static final String REGEX_SPLIT_CSV

SEPARATOR

public static final String SEPARATOR

Methods

getDefaultUserEmail

public String getDefaultUserEmail(String username)

getDefaultUserStatus

public UserStatus getDefaultUserStatus(String username)

getName

public String getName()

isUserExisting

public boolean isUserExisting(String username)

Check if that user is known by the host’s PAM.

Try the cache first. Only ask PAM directly if necessary and cache the results.

Returns:

true iff the user is known.

See also: {@linkUserSource.isUserExisting(String)}.

isValid

public boolean isValid(String username, String password)

See also: {@linkUserSource.isValid(String,String)}.

resolveRolesForUsername

public Set<String> resolveRolesForUsername(String username)

See also: {@linkUserSource.resolveRolesForUsername(String)}

setMap

public void setMap(Map<String, String> map)