The first technology we're going to discuss is Pluggable Authentication Modules (PAM) for Linux, which is a set of libraries that offers a single point of authentication for Linux-based operating systems. This is effectively the backend upon which privilege escalating utilities within the system will hand over the responsibility of authentication in a dynamic and configurable fashion. System administrators are able to modify the way different sessions and services authenticate the system using module configurations. Through the use of modules, PAM makes each of the following authentication functions separately configurable:
OpenShift uses this mechanism and has developed a custom PAM module that assists in providing the multitenant nature of OpenShift gears.