User Authorization
Posted: 07 Mar 2023, 12:12
User authentication can be done in several ways, for instance internal, internal_ex, pam, sasl and so on. However information for user authorization (UASERVER_SUPPORT_AUTHORIZATION) is always read from the proprietary and system independent passwd and group files shaped like this:
<UserId> <GroupId> <UserName>
0 0 root
1 1 anonymous
2 4 joe
3 5 john
4 6 sue
5 7 "jane doe"
<GroupId> <GroupName> <Users>
0 root root
1 anonymous anonymous
2 operators joe,john
3 users "joe,john,sue,jane doe"
4 joe joe
5 john john
6 sue sue
7 "jane doe" "jane doe"
Wouldn't it make sense to have the possibility to read user authorization data from the systems /etc/passwd and /etc/group files, if somebody uses PAM with pam_unix.so anyway? If I want to have this, I have to write may own userId, groupId and userGroups getter functions and install them with UaServer_SetUserAuthenticationTypeEx using UserAuthType_User. Is this right?
<UserId> <GroupId> <UserName>
0 0 root
1 1 anonymous
2 4 joe
3 5 john
4 6 sue
5 7 "jane doe"
<GroupId> <GroupName> <Users>
0 root root
1 anonymous anonymous
2 operators joe,john
3 users "joe,john,sue,jane doe"
4 joe joe
5 john john
6 sue sue
7 "jane doe" "jane doe"
Wouldn't it make sense to have the possibility to read user authorization data from the systems /etc/passwd and /etc/group files, if somebody uses PAM with pam_unix.so anyway? If I want to have this, I have to write may own userId, groupId and userGroups getter functions and install them with UaServer_SetUserAuthenticationTypeEx using UserAuthType_User. Is this right?