You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jason Keltz <ja...@cse.yorku.ca> on 2006/08/01 21:07:40 UTC
[users@httpd] apache 2.2 and mod_auth_pam
I am trying to upgrade from running mod_auth_pam on the Apache 1.3.X
series to mod_auth_pam on the Apache 2.2.X series. I see that the
authentication and authorization has changed in Apache from the 2.1
series. I was able to successfully compile the mod_auth_pam module for
Apache 2.0.X, but I can't use it because I get errors in the log files:
Tue Aug 01 11:54:52 2006] [error] [client X] (9)Bad file descriptor:
Could not open password file: (null)
[Tue Aug 01 11:54:58 2006] [error] Internal error: pcfg_openfile()
called with NULL filename
... which, as I understand it is because I haven't specified an
AuthBasicProvider since the module doesn't define one.
Has anyone made available a mod_authnz_pam module? (or mod_authn_pam
and mod_authz_pam)? I can't imagine that i'm the first to want to use
pam authentication on the 2.2.X series server. If a module isn't
available, is there any way to use the existing authentication module
with the 2.2 series server? I can't seem to find anything in the
documentation on this. The only thing I can find is a claim that most
2.0 modules will continue to work with 2.2 - they just need to be
recompiled, but it seems like with the changes in authentication and
authorization that more than recompilation may be necessary...
I wonder why the "pam" module hasn't made it into the default Apache
installation yet? I imagine it's used in quite a few installations..
Any assistance would be appreciated...
Jason.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] apache 2.2 and mod_auth_pam
Posted by Nick Kew <ni...@webthing.com>.
On Tuesday 01 August 2006 20:07, Jason Keltz wrote:
> I am trying to upgrade from running mod_auth_pam on the Apache 1.3.X
> series to mod_auth_pam on the Apache 2.2.X series. I see that the
> authentication and authorization has changed in Apache from the 2.1
> series. I was able to successfully compile the mod_auth_pam module for
> Apache 2.0.X, but I can't use it because I get errors in the log files:
>
> Tue Aug 01 11:54:52 2006] [error] [client X] (9)Bad file descriptor:
> Could not open password file: (null)
> [Tue Aug 01 11:54:58 2006] [error] Internal error: pcfg_openfile()
> called with NULL filename
>
> ... which, as I understand it is because I haven't specified an
> AuthBasicProvider since the module doesn't define one.
Yes.
You should be able to use it with 2.2, possibly only by disabling
the normal 2.2 mod_auth_basic (or digest, as appropriate) altogether.
Try ensuring it runs before normal 2.2 authentication. You can
probably do that simply by using AP_HOOK_FIRST in its auth hook
(but that's just guessing - I haven't looked, let alone tried).
> Has anyone made available a mod_authnz_pam module? (or mod_authn_pam
> and mod_authz_pam)?
Do google or modules.apache.org have anything to say?
> I wonder why the "pam" module hasn't made it into the default Apache
> installation yet? I imagine it's used in quite a few installations..
It would make sense from a functional point of view. But it's a third-party
module. AFAIK they've neither offered it for inclusion, nor been asked by
any of the core developers. It would require that some core devs are
willing and able to maintain it.
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org