-- Save Creds/Tickets
+* Save Creds/Tickets
Retrieve and store krbtgt and set env variable of file path.
- Cleanup Daemon
Maybe write some little cleanup daemon to clean up ticket files.
-- Set Path for Storage of Temp Files
+* Set Path for Storage of Temp Files
Storage of ticket files, and maybe others at some point.
- Verify Krb5 Ticket
Currently www/hostname.
Can I do this with Krb4?
+ Yes apparently! See bug report from Ken Raeburn.
-- Ability to Set Realm in Config
+* Ability to Set Realm in Config
Not compiled in anymore.
Maybe some form of multiple realms specifiable?
-- Settable Location of Keytab/Srvtab
+* Settable Location of Keytab/Srvtab
Again, in config instead of compiled in.
-- Authoritative Support
- If Kerberos check fails, don't fall through to other modules.
- Should I used AuthAuthoritative for this or a specific Kerb one?
-
-- Lifetime Settable
+* Lifetime Settable
Set lifetime of tickets in config.
-- Default Instance
+* Default Instance
You can make it so that 'by default', a user's daniel/root or
daniel/www instance is auth'd against instead of just daniel.
+- Require Instance
+ We'll allow for a 'require instance ......'.
+
- Any Instance
Allow for specification of daniel/root or daniel/admin.
If off, only checks against defaultinstance instance.
+ require user daniel/root daniel daniel/admin
- Expire Reauth
Set a lifetime on tickets, and after expiration, tries to -force-
a reauth (brings up login/password window)
-- Auth Fail Status
- Set how a failure fails. Forbidden or Unauthorized.
-
-- Forwardable/Renewable Tickets
+* Forwardable/Renewable Tickets
Setting in config.
- Browser Mutual Auth Support
Combined with plugins, use auth user already has.
-- AuthKerberosType(name?)
- Way to both have a normal AuthType and a Kerberos authtype,
- in case you want to turn authoritative off and have it punt
- to something else specific
- Re: msg 268 "Jason Gilbert"
-
- Environment Variables
KRB5CCNAME, KRBTKFILE
KRB_PRINC_NAME?
PHP, maybe perl, who knows.
Sample PHP one in mail.
-
+- Functional README's and INSTALL's