Services4User review
Luke Howard
lukeh at padl.com
Fri Aug 21 07:36:22 EDT 2009
On 20/08/2009, at 11:51 PM, Nicolas Williams wrote:
> Following up from our IM chat, the GSS exts should be really be
> based on
> the existing gss_acquire/add_cred() functions, and in two variants:
> one
> for S4U2Self, with an additional impersonator_cred_handle input
> argument, and one for S4U2Proxy, with that same additional argument
> and
> a subject_cred_handle instead of desired_name.
OK, I've updated:
http://k5wiki.kerberos.org/wiki/Projects/Services4User
and have committed an implementation to the s4u branch.
This is a bit more work for the application developer, but
architecturally it seems better.
cheers,
-- Luke
More information about the krbdev
mailing list