/
PAM Module

PAM Module

May 13, 2009

Yale PAM client distribution

The Yale CAS client distribution includes a PAM module suitable for CAS-authenticating, say, an IMAP server.

esup-portail PAM client distribution

Esup-portail also distributes an enhanced version of the PAM module.

Documentation is available here.

The following are what I believe to be some of the enhancements present in the esup-portail module beyond what is available in Yale PAM_CAS, as of the time of this writing. If this characterization can be made more accurate, please comment upon or edit this Wiki page. However, it is to be expected that esup-portail's documentation of their PAM module is always going to be more up-to-date and authoritative than this Wiki page.

  • improved debugging

  • certificate management: only the higher Certificate of Certificate Authority is necessary

  • Parameters are written in a configuration file (rather than being compiled in):

Thanks to Vincent Mathieu for writing on the CAS discussion list on this point. His email seeded this Wiki page.