Project review: Interposer mechanisms

[Simo Sorce]

On Fri, 2012-10-05 at 11:18 +1000, Luke Howard wrote:
> >> So something like SPNEGO still runs in the client's address space?
> > 
> > SPNEGO is not interposed by design atm.
> 
> Right, because interposing pseudo-mechs will be difficult without
> either interposing all mechanisms or having some kind of callback
> mechanism.

Yes the problem is that in MIT the spnego mechanism makes some
assumptions and takes some shortcuts in the way it calls other
mechanisms.

I haven't thought this through completely yet but I have been thinking
that if we were to expand the feature to allow for multiple (nesting)
interposer plugins than we could probably simply turn SPNEGO into an
interposer plugin itself.

Nut that is something we do not really need to worry about now, I do not
think that interposing SPNEGO itself is really that interesting except
if you want to replace it, but then why not simply fix the mechanism in
the mainline to do what you need ?

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York