pam_authenticate(3) -- Linux man page

 

NAME

pam_authenticate - authenticate a user

 

SYNOPSIS

#include <security/pam_appl.h>

int pam_authenticate(pam_handle_t *pamh, int flags);

 

DESCRIPTION

pam_authenticate


Use this function to authenticate an applicant user. It is linked dynamically to the authentication modules by Linux-PAM. It is the task of these module to perform such an authentication. The specific nature of the authentication is not the concern of the application.


Following successful completion, the name of the authenticated user will be present in the Linux-PAM item PAM_USER. This item may be recovered with a call to pam_get_item(3).


The application developer should note that the modules may request that the user enter their username via the conversation mechanism (see pam_start(3)). Should this be the case, the user-prompt string can be set via the PAM_USER_PROMPT item (see pam_set_item(3)).

 

RETURN VALUE

On success PAM_SUCCESS is returned. All other returns should be considered authentication failures and will be delayed by an amount specified with prior calls to pam_fail_delay(3). Specific failures that demand special attention are the following:
PAM_ABORT
the application should exit immediately. Of course, pam_end(3) should be called first.

PAM_MAXTRIES
the application has tried too many times to authenticate the user, authentication should not be attempted again.

 

ERRORS

May be translated to text with pam_strerror(3).

 

CONFORMING TO

DCE-RFC 86.0, October 1995.

 

BUGS

none known.

 

SEE ALSO

pam_start(3), pam_get_item(3) pam_fail_delay(3) and pam_strerror(3).

Also, see the three Linux-PAM Guides, for System administrators, module developers, and application developers.