Hi, We would be very interested in a PAM module for Knox. Did some quick searching and found this: https://github.com/plaflamme/shiro-libpam4j
We have done some experimentation with very simple demo setups with credentials directly in topology files but decided against promoting it. If this were something you were interested in I could re-figure this out. We've also been looking into buji-pac4j for several other authentication models (e.g. OAuth, CAS, OpenID, SAML, etc). The limiting issue is that they aren’t really targeting at active profile REST API use as far as we have been able to determine. Kevin. On 7/14/15, 3:09 PM, "Tanping Wang" <[email protected]> wrote: >Hi, folks, >Today Knox can not work without LDAP. For demo purpose that we would like >to demonstrate that Knox can work with simple authentication, for example, >base Unix OS authentication. I believe this is not possible today? Please >correct me if I am wrong. We are working on adding a PAM module to Knox's >shiro framework, so that Knox can >1) authenticate against base Unix OS -- for demo purpose only >2) more importantly, nested OU would work for LDAP. > >Regards, >Tanping
