Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
problem with Authorization Plugin
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

problem with Authorization Plugin



Hi,

I am trying to write a daemon that will log in to OS X automatically when a user connects remotely to this daemon.  The user credentials are sent to the daemon by the user's client program.  I knew that I could perform the automatic login by means of an AppleScript, but this is sometimes not working properly and I wanted to find something more robust.  It was suggested to me that I should write an Authorization Plugin, and consider this task like wanting to login using a smart card.

I managed to write an Authorization Plugin, which is being called before the loginwindow plugin.  I am using the SetContextValue() function to set the username and password, but this is not working.

In /etc/authorization I added the bold line:

<key>system.login.console</key>
                <dict>
                        <key>class</key>
                        <string>evaluate-mechanisms</string>
                        <key>mechanisms</key>
                        <array>
                                <string>builtin:smartcard-sniffer,privileged</string>
                                <string>MyAuthPlugin:my_mechanism</string>
                                <string>loginwindow:login</string>
                                <string>builtin:reset-password,privileged</string>
                                <string>builtin:auto-login,privileged</string>
                                <string>builtin:authenticate,privileged</string>
                                <string>loginwindow:success</string>
                                <string>HomeDirMechanism:login,privileged</string>
                                <string>HomeDirMechanism:status</string>
                                <string>MCXMechanism:login</string>
                                <string>loginwindow:done</string>
                        </array>
                </dict>

I am using the SetContextValue() function as follows:


    char *uname = strdup("MyUserName");
    char *pwd = strdup("MyPassword");
    AuthorizationValue av_uname = { strlen(uname), uname };
    AuthorizationValue av_pwd = {strlen(pwd), pwd };
   
    SetContextValue(EngineRef, kAuthorizationEnvironmentUsername, 0, &av_uname);
    SetContextValue(EngineRef, kAuthorizationEnvironmentPassword, 0, &av_pwd);

    SetResult(EngineRef, kAuthorizationResultAllow);

The plugin is being called.  I know this because the login screen does not show up before SetResutl() is being called.  However the login screen is not being skipped.  Do I need to set another Context Value for this? Am I doing anything wrong ? What should I do to make this work?

Thanks and Regards
Alan J. Caruana
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2011 Apple Inc. All rights reserved.