pam_authenticate(3pam) 맨 페이지 - 윈디하나의 솔라나라

개요

섹션
맨 페이지 이름
검색(S)

pam_authenticate(3pam)

pam_authenticate(3PAM)       PAM Library Functions      pam_authenticate(3PAM)



NAME
       pam_authenticate - perform authentication within the PAM framework

SYNOPSIS
       cc [ flag ... ] file ... -lpam [ library ... ]
       #include <security/pam_appl.h>

       int pam_authenticate(pam_handle_t *pamh, int flags);

DESCRIPTION
       The  pam_authenticate()  function is called to authenticate the current
       user. The user is usually required  to  enter  a  password  or  similar
       authentication  token depending upon the authentication service config‐
       ured within the system. The user in question should have been specified
       by a prior call to pam_start() or pam_set_item().


       The following flags may be set in the flags field:

       PAM_SILENT                   Authentication service should not generate
                                    any messages.


       PAM_DISALLOW_NULL_AUTHTOK    The authentication service  should  return
                                    PAM_AUTH_ERR   if  the  user  has  a  null
                                    authentication token.


RETURN VALUES
       Upon successful completion, PAM_SUCCESS is returned. In addition to the
       error return values described in pam(3PAM), the following values may be
       returned:

       PAM_AUTH_ERR             Authentication failure.


       PAM_CRED_INSUFFICIENT    Cannot  access  authentication  data  due   to
                                insufficient credentials.


       PAM_AUTHINFO_UNAVAIL     Underlying   authentication   service   cannot
                                retrieve authentication information.


       PAM_USER_UNKNOWN         User not known to the  underlying  authentica‐
                                tion module.


       PAM_MAXTRIES             An  authentication  service  has  maintained a
                                retry count which has been reached. No further
                                retries should be attempted.


ATTRIBUTES
       See attributes(7) for description of the following attributes:


       tab()  box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
       TRIBUTE VALUE _ Interface  StabilityCommitted  _  MT-LevelMT-Safe  with
       exceptions


SEE ALSO
       libpam(3LIB),  pam(3PAM),  pam_open_session(3PAM),  pam_set_item(3PAM),
       pam_setcred(3PAM), pam_start(3PAM), attributes(7)

NOTES
       In the case of authentication failures due to an incorrect username  or
       password,  it  is  the  responsibility  of  the  application  to  retry
       pam_authenticate() and to maintain the retry count.  An  authentication
       service  module  may  implement  an  internal retry count and return an
       error PAM_MAXTRIES if the module  does  not  want  the  application  to
       retry.


       If  the  PAM  framework  cannot load the authentication module, then it
       will return PAM_ABORT. This indicates a serious failure, and the appli‐
       cation should not attempt to retry the authentication.


       For security reasons, the location of authentication failures is hidden
       from the user. Thus, if several authentication services are stacked and
       a  single  service fails, pam_authenticate() requires that the user re-
       authenticate each of the services.


       A null authentication token in the authentication database will  result
       in successful authentication unless PAM_DISALLOW_NULL_AUTHTOK was spec‐
       ified. In such cases, there will be no prompt to the user to  enter  an
       authentication token.


       For security reasons, pam_authenticate() clears the PAM_AUTHTOK item in
       the PAM handle prior to returning to the application.


       The interfaces in libpam are MT-Safe only if  each  thread  within  the
       multithreaded application uses its own PAM handle.



Oracle Solaris 11.4               16 Mar 2016           pam_authenticate(3PAM)
맨 페이지 내용의 저작권은 맨 페이지 작성자에게 있습니다.
RSS ATOM XHTML 5 CSS3