Authdata, preauth plugin headers
Sam Hartman
hartmans at MIT.EDU
Mon Jun 27 07:43:37 EDT 2011
>>>>> "Greg" == Greg Hudson <ghudson at MIT.EDU> writes:
Greg> On Thu, 2011-06-09 at 12:25 -0400, Greg Hudson wrote:
>> 1. Use the new plugin framework.
Greg> I've committed this to the trunk. Anyone working on preauth
Greg> plugins for 1.10 should feel free to contact me (via IRC or
Greg> email) if they need help adjusting.
>> 2. Provide a way to get and set the cookie.
Greg> For current use cases, the only place you'd want to set a
Greg> cookie is in get_edata. So adding a cookie parameter there
Greg> should be sufficient for now.
I think it's really important that the KDc handle hard parts of cookie
management itself:
* combining cookies from multiple mechanisms
* Doing the encryption
* managing expiration.
Supporting that reasonably is why I didn't make an interface in the
current mechanism.
More information about the krbdev
mailing list