[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]

To: "Henry B. Hotz" <hotz@jpl.nasa.gov>
Subject: Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
From: Gabor Gombas <gombasg@sztaki.hu>
Date: Wed, 15 Feb 2006 11:52:46 +0100
Cc: Buck Huppmann <buckh@pobox.com>, "Juha J." <juhaj@iki.fi>, heimdal-discuss@sics.se
In-Reply-To: <B70BAE77-700D-47A5-8DA7-DAB6E7F6A487@jpl.nasa.gov>
Mail-Followup-To: "Henry B. Hotz" <hotz@jpl.nasa.gov>,Buck Huppmann <buckh@pobox.com>, "Juha J." <juhaj@iki.fi>,heimdal-discuss@sics.se
References: <20060202161753.20c37c47@noether.tfy.utu.fi> <20060202154540.GC23653@boogie.lpds.sztaki.hu> <20060202181813.6789e137@alnitak.stiff.utu.fi> <20060213213951.GA19694@dsl092-173-085.wdc2.dsl.speakeasy.net> <B70BAE77-700D-47A5-8DA7-DAB6E7F6A487@jpl.nasa.gov>
Sender: owner-heimdal-discuss@sics.se

On Tue, Feb 14, 2006 at 03:29:57PM -0800, Henry B. Hotz wrote:

> The AFS token-not-yet-available issues are just another example of  
> the same old problem we've always had with getting OS's to deal  
> properly with AFS.

Maybe the proper solution would be to allow different backends (LDAP,
RDBMS etc.) for getting the information that is now contained in the
.k5login file. That would allow completely avoiding file system access
until the authentication/authorization process has finished.

I see two possible approaches:

1. Provide a callback that can be used to replace just the reading of
   the .k5login file, leaving the content parsing/decision making in
   Heimdal, or
2. Moving the decision making completely to the callback. This is more
   general but applications may need to implement more logic than with
   the first approach.

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------

Follow-Ups:
- Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
  - From: Buck Huppmann <buckh@pobox.com>
- Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
- Re: Behavioural differences in Heimdal and MIT
  - From: Johan Danielsson <joda@pdc.kth.se>

References:
- API differences between Heimdal and MIT
  - From: Juha Jäykkä <juhaj@iki.fi>
- Re: API differences between Heimdal and MIT
  - From: Gabor Gombas <gombasg@sztaki.hu>
- Behavioural differences in Heimdal and MIT [was: Re: API differencesbetween Heimdal and MIT]
  - From: Juha =?ISO-8859-15?B?SuR5a2vk?= <juhaj@iki.fi>
- Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
  - From: Buck Huppmann <buckh@pobox.com>
- Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>

Prev by Date: "Server unknown" error
Next by Date: Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
Prev by thread: Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
Next by thread: Re: Behavioural differences in Heimdal and MIT [was: Re: API differences between Heimdal and MIT]
Index(es):
- Date
- Thread