User Authorization

Questions regarding the use of the ANSI C SDK for Server or Client development or integration into customer products ...

Moderator: uasdkc

Post Reply
bstraehl
Jr. Member
Jr. Member
Posts: 1
Joined: 27 Aug 2020, 14:24

User Authorization

Post by bstraehl »

User authentication can be done in several ways, for instance internal, internal_ex, pam, sasl and so on. However information for user authorization (UASERVER_SUPPORT_AUTHORIZATION) is always read from the proprietary and system independent passwd and group files shaped like this:
<UserId> <GroupId> <UserName>
0 0 root
1 1 anonymous
2 4 joe
3 5 john
4 6 sue
5 7 "jane doe"

<GroupId> <GroupName> <Users>
0 root root
1 anonymous anonymous
2 operators joe,john
3 users "joe,john,sue,jane doe"
4 joe joe
5 john john
6 sue sue
7 "jane doe" "jane doe"

Wouldn't it make sense to have the possibility to read user authorization data from the systems /etc/passwd and /etc/group files, if somebody uses PAM with pam_unix.so anyway? If I want to have this, I have to write may own userId, groupId and userGroups getter functions and install them with UaServer_SetUserAuthenticationTypeEx using UserAuthType_User. Is this right?
Top
Post Reply

Return to “ANSI C based OPC UA SDK”