PageViews: 3,280 hits / 231 nets

Configuring Authenticaiton of DeleGate

Yutaka Sato
December 28, 2006

Authentication by an external command

DeleGate version 9.4.2 introduced an interface for "authentication by an external command". Although DeleGate supports the PAM standard interface for authentication, it could be not so easy to apply PAM to user's own or legacy schemes or data bases for authentication. Therefore a simple command interface for authentication can be useful to support simple implementation of user's own authentication or adaptations to existing schemes of authentication.

The following example shows how it is configured. In the example, the command for authentication is named "myauth". It is referred by DeleGate as " AUTHORIZER=-cmd{myauth}". User name and password to be authenticated can be passed in command-line arguments, environment variables, or in the standard input to the command. In the example, the user name "%U" is passed as a command-line argument while the password "%P" is passed in the environment variable "PASSWD".