[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: XSSO? How to communicate to XSSO/PAM external authentication info?

Nicolas Williams wrote:
> I now think that PAM binary prompts could certainly be used to handle
> GSS-API and anything else such as raw Kerberos, SRP and so on.

I think binary prompts are not quite the complete solution. We also need
some event driven model for supporting ticket expiration/renewal but I
agree with this sentiment.

Perhaps you'ld like to write out a typical event loop for gss type
authentication and ticket renewal? That should help indentify where PAM
is lacking at present.

> Notice that GSS-API binary prompts don't seems to fit any of the
> currently allocated binary prompt control characters. This is an area
> that might need work to make this approach possible.

Perhaps you could include details here too?



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []