Previous section.

X/Open Single Sign-on Service (XSSO) -<br> Pluggable Authentication Modules

X/Open Single Sign-on Service (XSSO) -
Pluggable Authentication Modules
Copyright © 1997 The Open Group

Conformance

XSSO (Base) Conformance

This section defines conformance criteria for implementations of the XSSO.

The following XSSO implementation conformance categories are defined:

PAM Application Programming Interface Conformance

An implementation of the PAM Infrastructure that conforms with this conformance category shall support the following interfaces:

pam_acct_mgmt() pam_authenticate()
pam_authenticate_secondary() pam_chauthtok()
pam_close_session() pam_end()
pam_get_data() pam_getenv()
pam_get_envlist() pam_get_item()
pam_get_mapped_authtok() pam_get_mapped_username()
pam_get_user() pam_open_session()
pam_putenv() pam_setcred()
pam_set_data() pam_set_item()
pam_set_mapped_authtok() pam_set_mapped_username()
pam_start() pam_strerror()


PAM System Programming Interface Conformance

An implementation of the PAM Infrastructure that conforms with this conformance category shall support the following interfaces:

pam_sm_acct_mgmt() pam_sm_authenticate()
pam_sm_authenticate_secondary() pam_sm_chauthtok()
pam_sm_close_session() pam_sm_get_mapped_authtok()
pam_sm_get_mapped_username() pam_sm_set_mapped_authtok()
pam_sm_set_mapped_username() pam_sm_open_session()
pam_sm_setcred()  


PAM Module Conformance

An implementation of a PAM module that conforms with this conformance category shall support one or more of the following sets of interfaces:

Authentication Option  
pam_sm_authenticate() pam_sm_setcred()
Account Management Option  
pam_sm_acct_mgmt()  
Session Management Option  
pam_sm_close_session() pam_sm_open_session()
Password Management Module  
pam_sm_chauthtok()  
Mapping Option  
pam_sm_get_mapped_authtok() pam_sm_get_mapped_username()
pam_sm_set_mapped_authtok() pam_sm_set_mapped_username()


An implementor of a module shall define how that module is configured, and in particular, define the options that may be included in a PAM configuration entry for the module.

An implementor of a module that is capable of using mapping shall document whether the module provides support for mapping usernames, or passwords, or both.


Why not acquire a nicely bound hard copy?
Click here to return to the publication details or order a copy of this publication.

Contents Next section Index