× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. July 2004

RE: does PAM for AS400 exist?

You are correct, EIM is used for mapping a user on one registry to the
correct user on another registry.  EIM has very, limited knowledge about the
actual authentication scheme.  In V5R3, IBM added the ability to add
certificate type registries so that you can map a certificates with users.
OS400 uses EIM with Kerberos to provide SSO.  Once OS400 validates the
authenticity of a clients Kerberos ticket, it uses EIM to tell it what OS400
user profile to use for that user.  

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of jared
Sent: Wednesday, July 21, 2004 9:27 AM
To: Midrange Systems Technical Discussion
Subject: RE: does PAM for AS400 exist?

Sorry for not being more specific, I'm in the process of figuring out what
"pluggable authentication" means myself.  The sense I have about PAM is
that it's a generic API for defining how username/password pairs are
actually processed, and can be used for stuff like single signon.  Not
strictly a Java thing...originally developed at Sun, now used widely on
Linux.

I stumbled onto EIM about an hour ago, and my followup question was going
to be "can one use EIM to define the actual backend auth scheme for a
particular application, or (possibly) for the entire system?"  From the
intro articles/diagrams I looked at, it seemed mostly like a way for two
systems to map (already authenticated) usernames between each other.

I found some decent EIM docs, so I'll read for a while and see if I can't
figure out what I'm asking. :)

-jared

On Wed, 21 Jul 2004, Joe Pluta wrote:

> > From: Pat Barber
> >
> > At the risk of sounding dumb as a brick, just what are
> > you talking about ???
>
> As a fellow brick, Pat, I did a little research. As close as I can tell,
> PAM is the Java version of EIM.  Just google for pluggable
> authentication module and you'll get a ton of hits:
>
> http://java.sun.com/security/jaas/doc/pam.html
>
> Joe
>
> --
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.