Excellent. I look forward to this valuable contribution to Knox.
On 7/14/15, 3:41 PM, "Jeffrey Rodriguez" <[email protected]> wrote: >I have implemented PAM authentication based on shiro-libpam4j and it is >integrated with Knox 0.6.0 to do OS authentication, as soon as I finish >testing with LDAP using PAM I will post the design, document and a patch. > >On Tue, Jul 14, 2015 at 12:25 PM, Kevin Minder <[email protected] >> wrote: > >> Hi, >> >> We would be very interested in a PAM module for Knox. Did some quick >> searching and found this: https://github.com/plaflamme/shiro-libpam4j >> >> We have done some experimentation with very simple demo setups with >> credentials directly in topology files but decided against promoting it. >> If this were something you were interested in I could re-figure this out. >> >> We've also been looking into buji-pac4j for several other authentication >> models (e.g. OAuth, CAS, OpenID, SAML, etc). The limiting issue is that >> they aren’t really targeting at active profile REST API use as far as we >> have been able to determine. >> >> Kevin. >> >> >> >> On 7/14/15, 3:09 PM, "Tanping Wang" <[email protected]> wrote: >> >> >Hi, folks, >> >Today Knox can not work without LDAP. For demo purpose that we would like >> >to demonstrate that Knox can work with simple authentication, for example, >> >base Unix OS authentication. I believe this is not possible today? >> Please >> >correct me if I am wrong. We are working on adding a PAM module to Knox's >> >shiro framework, so that Knox can >> >1) authenticate against base Unix OS -- for demo purpose only >> >2) more importantly, nested OU would work for LDAP. >> > >> >Regards, >> >Tanping >>
