[krbdev.mit.edu #5750] NIM: FEATURE: LIB: Query Language for Identity Properties
Jeffrey Altman via RT
rt at krbdev.mit.edu
Thu Sep 13 18:26:06 EDT 2007
Design and implement a query language for use in obtaining data from the
NIM identity database.
This Query language and API would be for the use of third party
applications as well as libraries which need access to the user or
organization configuration data.
Types of queries that can be issued include return:
* "the 'DefaultCCName' for the 'jaltman at ATHENA.MIT.EDU' identity
* "the 'X509 Certificate' which can be used to obtain krb5
credentials using the principal name 'jaltman at ATHENA.MIT.EDU'
This query API should be used in place of querying the registry directly
because responses might be computed from available data. For example,
if there is no 'DefaultCCName' property specified by the user, a default
will be computed depending upon whether API, FILE, or other types of
ccaches are the default.
For the X509 certificate query, resolving the query might require
searching the Windows Certificate Store for a certificate containing the
required properties.
Only items that are specified in the published schema will be eligible
for searching.
More information about the krb5-bugs
mailing list