public static bool Authenticate(string serviceName, string user, string password)
{
//Initialize
PamStatus lastReturnedValue = PamStatus.PAM_SUCCESS;
IntPtr pamHandle = IntPtr.Zero;
PamConv conversation = new PamConv();
ConversationHandler conversationHandler = new ConversationHandler(password);
conversation.ConversationCallback = conversationHandler.HandlePamConversation;
try {
//Start
lastReturnedValue = Pam.pam_start(serviceName, user, conversation, ref pamHandle);
if (lastReturnedValue != PamStatus.PAM_SUCCESS)
{
return(false);
}
//Authenticate - Verifies username and password
lastReturnedValue = Pam.pam_authenticate(pamHandle, AuthenticateFlags);
if (lastReturnedValue != PamStatus.PAM_SUCCESS)
{
return(false);
}
//Account Management - Checks that account is valid, checks account expiration, access restrictions.
lastReturnedValue = Pam.pam_acct_mgmt(pamHandle, AccountManagementFlags);
if (lastReturnedValue != PamStatus.PAM_SUCCESS)
{
return(false);
}
} finally {
lastReturnedValue = Pam.pam_end(pamHandle, lastReturnedValue);
}
return(true);
}
///<summary>
/// Ensures that the account is in good standing - not locked out expired, etc.
/// http://linux.die.net/man/3/pam_acct_mgmt
///</summary>
public PamStatus AccountManagement(int flags)
{
lock (this.PamCallLock) {
EnsureSessionAlive();
this.lastReturnedValue = Pam.pam_acct_mgmt(this.pamHandle, flags);
return(this.lastReturnedValue);
}
}