[Freeipa-devel] Session design document
Simo Sorce
simo at redhat.com
Fri Dec 2 01:48:54 UTC 2011
On Thu, 2011-12-01 at 19:31 -0500, John Dennis wrote:
> On 12/01/2011 06:54 PM, Dmitri Pal wrote:
> > Seems reasonable. I agree with pros and cons and suggestions but I am
> > not the person to make the final approval. Simo?
> >
> > Question for John: Is there any benefit for CLI or it is for UI only?
>
> Currently it would benefit the UI only. That's mostly because there is
> no mechanism in the cli to cache the session ID. Adding that wouldn't be
> too difficult except for the issue of how to store the session ID
> securely, it would have to be written to a file (unlike with a browser
> which is supposed to hold session cookies in memory). Is there an
> ability to add a data item like this to the user's kerberos credential
> cache?
Yes we could create a fake key and stick the session id in it.
That was the trick we proposed using when this question was raised a few
months ago during a conference call on the matter.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list