[Freeipa-devel] Session design document
Dmitri Pal
dpal at redhat.com
Sat Dec 3 19:06:48 UTC 2011
On 12/01/2011 08:48 PM, Simo Sorce wrote:
> On Thu, 2011-12-01 at 19:31 -0500, John Dennis wrote:
>> On 12/01/2011 06:54 PM, Dmitri Pal wrote:
>>> Seems reasonable. I agree with pros and cons and suggestions but I am
>>> not the person to make the final approval. Simo?
>>>
>>> Question for John: Is there any benefit for CLI or it is for UI only?
>> Currently it would benefit the UI only. That's mostly because there is
>> no mechanism in the cli to cache the session ID. Adding that wouldn't be
>> too difficult except for the issue of how to store the session ID
>> securely, it would have to be written to a file (unlike with a browser
>> which is supposed to hold session cookies in memory). Is there an
>> ability to add a data item like this to the user's kerberos credential
>> cache?
> Yes we could create a fake key and stick the session id in it.
> That was the trick we proposed using when this question was raised a few
> months ago during a conference call on the matter.
>
> Simo.
>
Can we please then extend the design to include this?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-devel
mailing list