[Freeipa-users] Propose FreeIPA theses: IPA support for sites
Alexander Bokovoy
abokovoy at redhat.com
Fri Mar 7 16:18:50 UTC 2014
On Fri, 07 Mar 2014, Dmitri Pal wrote:
>On 03/06/2014 10:55 AM, Petr Spacek wrote:
>>On 6.3.2014 14:32, Petr Spacek wrote:
>>>now it is the right time to propose topics for theses in the next
>>>university
>>>year.
>>
>>I propose "[RFE] IPA should support and manage DNS sites"
>>https://fedorahosted.org/freeipa/ticket/2008
>>
>>It is rotting in the backlog and we are not going to touch it any
>>time soon.
>>
>>There is very low amount of 'theory' behind it but IMHO it is
>>complex enough:
>>- Some theoretical analysis of our proposal sounds like a good
>>idea. We don't know if it is the best way or not.
>>- Some testing with various *real* non-SSSD clients will be helpful.
>>- Analysis how this can work with DNSSEC will be helpful.
>>- This feature needs API/CLI/UI design. It is not clear how the
>>workflow should look like etc.
>>- Support for roaming clients (in bind-dyndb-ldap) is missing.
>>
>>The scope can be changed as necessary.
>>
>
>We need to check if those are still relevant
>* https://thesis-managementsystem.rhcloud.com/topic/show/179/java-loginmodule-using-gssapi
><- I heard JBoss guys are fixing it
>* We are talking to Mongo about this: https://thesis-managementsystem.rhcloud.com/topic/show/95/gssapi-auth-plugin-for-mongodb-
>I would consider pushing it lower in priority
There is already SASL support in MongoDB, though existing SASL GSSAPI authentication
is only available in MongoDB Enterprise.
http://docs.mongodb.org/manual/tutorial/control-access-to-mongodb-with-kerberos-authentication/
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list