Nice! I look forward to seeing this! On Tue, Jul 14, 2015 at 3:47 PM, Kevin Minder <[email protected]> wrote:
> Excellent. I look forward to this valuable contribution to Knox. > > > > > On 7/14/15, 3:41 PM, "Jeffrey Rodriguez" <[email protected]> wrote: > > >I have implemented PAM authentication based on shiro-libpam4j and it is > >integrated with Knox 0.6.0 to do OS authentication, as soon as I finish > >testing with LDAP using PAM I will post the design, document and a patch. > > > >On Tue, Jul 14, 2015 at 12:25 PM, Kevin Minder < > [email protected] > >> wrote: > > > >> Hi, > >> > >> We would be very interested in a PAM module for Knox. Did some quick > >> searching and found this: https://github.com/plaflamme/shiro-libpam4j > >> > >> We have done some experimentation with very simple demo setups with > >> credentials directly in topology files but decided against promoting it. > >> If this were something you were interested in I could re-figure this > out. > >> > >> We've also been looking into buji-pac4j for several other authentication > >> models (e.g. OAuth, CAS, OpenID, SAML, etc). The limiting issue is that > >> they aren’t really targeting at active profile REST API use as far as we > >> have been able to determine. > >> > >> Kevin. > >> > >> > >> > >> On 7/14/15, 3:09 PM, "Tanping Wang" <[email protected]> wrote: > >> > >> >Hi, folks, > >> >Today Knox can not work without LDAP. For demo purpose that we would > like > >> >to demonstrate that Knox can work with simple authentication, for > example, > >> >base Unix OS authentication. I believe this is not possible today? > >> Please > >> >correct me if I am wrong. We are working on adding a PAM module to > Knox's > >> >shiro framework, so that Knox can > >> >1) authenticate against base Unix OS -- for demo purpose only > >> >2) more importantly, nested OU would work for LDAP. > >> > > >> >Regards, > >> >Tanping > >> >
