On Fri, Sep 10, 2021 at 3:20 AM Daniil Kirilyuk <[email protected]> wrote: > We're developing a java application, which should authenticate users > against both LDAP and custom formatted files containing user > information. Both username/password and certificate authentication > are planned to be supported. Our application should run mainly on > RHEL. We were estimating the possibility to use SSSD for this > purpose. After some investigation it seems, that SSSD can be called > from java code only via D-Bus. It also seems, that it can be used > mainly for fetching user information. but not for authentication.
If your application runs primarily on RHEL, it might make more sense to use PAM instead (maybe via JNI?), instead of hardcoding the use of sssd. (Typically, on Linux systems, sssd is called via PAM.) That way, system administrators would have near-complete flexibility in configuring your application’s authentication, because they could do so via PAM… like virtually every other Linux application that needs to perform user authentication. _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
