- Web Authentication modules must be reentrant. That is, if a
module is run more than once simultaneously, all instances
must run to completion without interference.
- Web Authentication modules must not change their process
group by any means, including via setsid(),
setpgid(), setpgrp(), or any similar function.
- Each module must place its source code in a directory
underneath survivor/src/modules/webauth/ with the following
conventions:
- The name of the directory must be
webauth/modulename/.
- A Makefile.in must be present, with directives for
clean, veryclean, all,
install, and install-remote.
The install should, except in exceptional
circumstances, install the module into
@prefix@/mod/webauth, owned by @INST_USER@
and @INST_GROUP@, mode 555.
The install-remote directive should be the
same as install, except where it does not make sense
for the module to be installed as part of a remote
distribution. (Web Authentication modules typically do not
need to be installed remotely.)
- Documentation describing the module should be in
doc/wam-modulename.html
- Web Authentication modules do not accept any command line
arguments, but instead receive their required data via a SurvivorWebAuthRequest element
provided in an XML document on stdin.
The optional ModuleOption elements should
conform to the Module XML Argument
Specification.
- Web Authentication modules should not write output files.
- Web Authentication modules must generate output on
stdout consisting of an XML document containing a
SurvivorWebAuthResult element.
The attribute AuthOK values are as follows:
- yes: Successful authentication, username and
optionally group memberships included.
- deferred: Authentication incomplete. The module
has handled the request (as for a cgi), and sw
should transmit any content in the Deferral
element and then exit.
- no: Authentication failed.
- Web Authentication modules must exit with one of the
following values (as defined in include/survivor.H):
- MODEXEC_OK: Authentication request successfully
processed.
- MODEXEC_PROBLEM: An error occurred in
processing the request.
- MODEXEC_MISCONFIG: The module is misconfigured
and is unable to process the request.
$Date: 2006/11/20 00:09:53 $
$Revision: 0.4 $
|
keywords
|