Design Notes for a Greeter Plugin System
We have started to throw around some ideas on how to create a plug in system to allow the log in greeter to be adaptable.
Use Cases
Identification / Authentication
- (Separate?)
Identification
NSS is clearly deficient here.
We'd like to be able to (at least):
- Query / store user photos (avatars)
- Query user account status in an implementation/backend independent way (locked, expired etc)
- Query the user's real world name etc (ie. not just gecos)
- Receive user added / removed notifications
- Receive user property changed notifications (picture / real name / etc changed)
- Domain / realm chooser
- Should only be displayed when applicable
- Username text entry
- Perhaps only displayed when there is a remote Directory Service source.
- Face browser
- Should "remember" most recent / frequent users on this particular seat
Authentication
One problem is how to display the prompts for the various modules marked as sufficient.
- PAM module specific UI
- Ability to authenticate against web services (may not translate well as a PAM module)
Support for Captcha?
- Password reminder support
- Self service password reset
Relevant Art
Other Operating Systems