Chapter 9 Pluggable Authentication Modules

Table of Contents

9.1 About Pluggable Authentication Module (PAM)
9.2 About PAM Operation for an Application
9.3 PAM Implementation Differences

Almost every enterprise application requires services such as authentication, logging, persistence, and security. In most applications, each service is either developed by the application developer, is reused after customizing the offerings provided by different vendors, or is implemented by leveraging the frameworks provided by the operating system.

Applications developed using a framework are interoperable with open standards. Usually, a framework provided by the operating system ensures conformance with the standards, maintainability, and upgradability as well as availability across multiple platforms at lower cost. A framework allows you to develop a structured, compliant application that is portable, maintainable, and upgradable with changing business rules and compliance requirements.

If your application uses a framework provided by the operating system, for example, a security framework,instead of having a custom-built implementation, a file-system framework, a cryptographic framework, or a hot-plug framework, migration from one platform to another becomes simple. Most frameworks available on UNIX systems are available on Oracle Linux and maintain similar, if not identical, interfaces.

This chapter is intended for developers of system-entry applications that provide authentication, account management, session management, and password management through Pluggable Authentication Modules (PAM). It describes differences in implementation and points that you should consider when migrating an application to Oracle Linux.