> Yeah, you hit the problem with stacking - authoritative. I'm not > sure how useful having multiple backends could be. I'd almost > suggest that something like a PAM backend would be much better and > allows a fairly standard configuration. (I know Dirk has a PAM
It is integrated into the PAM project at the sourceforge. I've worked with the author(s) to give it an ASF style license - and they'd be more than happy to share/donate the module to the ASF. Issues with respect to Maintenace and Community would of course still be there and I've not looked into that. > module somewhere.) That removes the stacking component entirely if > we supported PAM. Actually - because of PAM, especially remote PAM into radius or tacacs, stacking at the very least a file based 'backup' auth provider in the tree (preferably independend of PAM - which can have finicky failure mode) is invaluable in operational environments in my experience. Dw
