The Pluggable Authentication Module (PAM) framework enables administrators to coordinate and configure user authentication requirements for accounts, credentials, sessions, and passwords without modifying the services that require authentication.
The PAM framework enables organizations to customize the user authentication experience as well as account, session, and password management functionality. System entry services such as login and ssh use the PAM framework to secure all entry points for the freshly installed system. PAM enables the replacement or modification of authentication modules in the field to secure the system against any newly found weaknesses without requiring changes to any system services that use the PAM framework.
Oracle Solaris delivers a broad set of PAM modules and configurations to meet most site policies. For more information, see the following:
Writing Applications That Use PAM Services in Developer’s Guide to Oracle Solaris 11 Security
pam.conf (4) man page