Pluggable Authentication Modules
From Wikipedia, the free encyclopedia
Pluggable authentication modules or PAM are a mechanism to integrate multiple low-level authentication schemes into a high-level API, which allows for programs that rely on authentication to be written independently of the underlying authentication scheme. PAM were first developed in 1996 by Sun Microsystems, and are currently supported in AIX, HP-UX, Solaris, Linux, FreeBSD, Mac OS X and NetBSD. PAM was later standardized as part of the X/Open UNIX standardization process, resulting in the XSSO standard.
The pluggable nature of PAM is one reason for using dynamic linking of system binaries. However, there needs to be a recovery mechanism in case a problem appears with the linker or shared libraries; for example both NetBSD and FreeBSD supply a /rescue directory of statically linked versions of important system binaries.
As the XSSO standard differs from both the original Sun API, and also from most other implementations, PAM implementations do not all operate in the same manner. For this and other reasons, OpenBSD has chosen to adopt BSD Authentication, an alternative authentication framework which originated from BSD/OS.
[edit] See also
- Name Service Switch (NSS)
- BSD Authentication
- Single sign-on
- Identity management
- Java Authentication and Authorization Service (JAAS)
[edit] External links
- Linux-PAM page
- Sun PAM page
- Java-PAM bridge
- PAM and password control
- OpenPAM a DARPA-sponsored implementation of PAM conforming to XSSO and the Solaris API, as used by FreeBSD and NetBSD
- Pluggable Authentication Modules for Linux
- Making the Most of Pluggable Authentication Modules (PAM)
 |
This software-related article is a stub. You can help Wikipedia by expanding it. |
