James Carlson <[EMAIL PROTECTED]> writes: > Darren J Moffat writes: > > We already have (as of Solaris 2.6) a network based auth for users and > > network services - GSSAPI (and as of Solaris 10 SASL as well). > > However, missing from that is a AAA infrastructure, including RADIUS > and Diameter for database connections and EAP for authentication > protocol plugins.
True: It can often be handy to e.g. use pam_radius_auth (http://www.freeradius.org/pam_radius_auth/) for user authentication inside a local zone without exporting credentials (e.g. via yp) to the zone, e.g. if the applications aren't properly kerberized or a kerberos infrastructure is not in place. It would be very useful to include both that module and a RAIDUS server in Solaris. I haven't yet evaluated GNU RADIUS vs. FreeRADIUS (or others options I don't yet know about). Rainer -- ----------------------------------------------------------------------------- Rainer Orth, Faculty of Technology, Bielefeld University _______________________________________________ opensolaris-discuss mailing list [email protected]
