A: You are probably using the
pam_unix module on a shadowed system. For
pam_unix it is not
possible to check the passwords for any other than the invoking user if not root. See Q9 of the
PAM FAQ. Choose a different authentication method, like
LDAP, pwdb, MySQL, IMAP etc. Running your application as root is another possibility but this is not encouraged.
A: While there is an official list of PAM modules the documentation of PAM modules remains very very poor. Please ask the module writers to write up a good documentation of their modules.
A: You are using version 0.1 of the library. You must set the environment variable
LD_PRELOAD=/lib/libpam.so prior to starting the Java VM. As of version 0.2 the
library preloads PAM automatically and the environment variable is not necessary.
A: The native library is not in Java's library path. Pick the solution that best suits you:
libjaas-pam.solibrary is in the environment variable
libjaas-pam.soto one of the standard library directories:
/lib, /usr/lib or /usr/local/lib
java.library.pathto include the directory where the
libjaas-pam.solibrary is. This is either done by the
-Doption of the Java executable or by calling
System.setPropertyin your Java code.
A: I made this library as a proof of concept. I have no real use for it. This means I am not actively developing it. Please use this library and make thorough tests. If you find problems please report them or send patches. I will be more than happy to make improvements.
A: Yes, absolutely. If you modify the library however you must offer the source code of your changes to your customer. Moreover I would be extremely glad if you tried to get your changes into the official codebase instead of running your own fork. This way you profit as well of less maintenance costs!
A: Yes, absolutely. BSD style licenses are more open than the LGPL. They allow closed source modifications to the code. The Apache license is a BSD style license. Open Source projects with BSD style license may link against and redistribute this library without special permission (this is my interpretation of the LGPL). The BSD style license however does not extend to this library - it is still LGPL. If this library is modified in any way those modifications must be open. But the LGPL does not make any provisions about the license of code that is not part of this library.