Password sync plugin, and questions about plugin criticality

Luke Howard lukeh at padl.com
Mon Jun 26 07:00:27 EDT 2006


>We're talking about simple password sync.

Right, but I'm thinking about a generalized plugin interface that we
could use for implementing things like arbitrary KDC extensions.

>First, do you want failure to synchronize to lead to failure to change
>the password?  But you can't guarantee that password change and
>synchronization happen atomically, methinks.  So I'd say, change the
>password, then synchronize to all sinks; ignore (but log!) failures.
>Given such semantics no stacking seems necessary: just call all the
>plug-ins in order, or even concurrently.
>
>Password quality policies are another story: they must be consulted
>before allowing the password change to succeed, and also before password
>synchronization; failure to pass any password quality policy should
>result in failure, but checking all password quality policies at once is
>good: you can give the user information about the policies their
>password violated in one go.

Sure, all these things could be implemented by a generalized mechanism.


-- Luke
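
Added example, not part of the original message and not MIT Kerberos code: a C sketch of the semantics proposed in the quoted text, where every password quality policy is consulted and all violations are reported together, then the password is changed, then each sync sink is called in order with failures logged and ignored. The plugin types, function names, principal and sample passwords are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical plugin types for this sketch; not the MIT krb5 plugin API. */
typedef const char *(*quality_fn)(const char *pw);          /* NULL = pass, else reason */
typedef int (*sink_fn)(const char *princ, const char *pw);  /* 0 = synced */
struct result { int changed, violations, sync_failures; };

static const char *min_length(const char *pw) {
    return strlen(pw) >= 12 ? NULL : "shorter than 12 characters";
}
static const char *needs_digit(const char *pw) {
    for (; *pw; pw++)
        if (isdigit((unsigned char)*pw)) return NULL;
    return "contains no digit";
}
static int sink_ok(const char *princ, const char *pw) { (void)princ; (void)pw; return 0; }
static int sink_down(const char *princ, const char *pw) { (void)princ; (void)pw; return -1; }

/* Policies gate the change; sinks run afterwards and cannot undo it. */
struct result change_password(const char *princ, const char *pw,
                              quality_fn *pol, size_t npol,
                              sink_fn *sinks, size_t nsinks) {
    struct result r = {0, 0, 0};
    for (size_t i = 0; i < npol; i++) {       /* no early exit: report every violation */
        const char *why = pol[i](pw);
        if (why) { r.violations++; fprintf(stderr, "%s: rejected: %s\n", princ, why); }
    }
    if (r.violations) return r;               /* nothing changed, nothing synced */
    r.changed = 1;                            /* stand-in for the real database update */
    for (size_t i = 0; i < nsinks; i++)
        if (sinks[i](princ, pw) != 0) {       /* log the failure, never the password */
            r.sync_failures++;
            fprintf(stderr, "%s: sync to sink %zu failed (ignored)\n", princ, i);
        }
    return r;
}

/* Constructed setup: two policies, three sinks, the middle sink always fails. */
struct result demo(const char *pw) {
    quality_fn pol[] = { min_length, needs_digit };
    sink_fn sinks[] = { sink_ok, sink_down, sink_ok };
    return change_password("alice@EXAMPLE.COM", pw, pol, 2, sinks, 3);
}

int main(void) {
    struct result a = demo("short"), b = demo("correct-horse-42");
    printf("weak: %d/%d  ok: %d/%d\n", a.changed, a.violations, b.changed, b.sync_failures);
    return 0;
}
```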

More information about the krbdev mailing list