-- Save Creds/Tickets
- Retrieve and store krbtgt and set env variable of file path.
-
- Cleanup Daemon
Maybe write some little cleanup daemon to clean up ticket files.
-- Set Path for Storage of Temp Files
- Storage of ticket files, and maybe others at some point.
-
- Verify Krb5 Ticket
Currently www/hostname.
Can I do this with Krb4?
+ Yes apparently! See bug report from Ken Raeburn.
-- Ability to Set Realm in Config
+* Ability to Set Realm in Config
Not compiled in anymore.
Maybe some form of multiple realms specifiable?
-- Settable Location of Keytab/Srvtab
+* Settable Location of Keytab/Srvtab
Again, in config instead of compiled in.
-- Authoritative Support
- If Kerberos check fails, don't fall through to other modules.
- Should I used AuthAuthoritative for this or a specific Kerb one?
-
-- Lifetime Settable
- Set lifetime of tickets in config.
-
-- Default Instance
- You can make it so that 'by default', a user's daniel/root or
- daniel/www instance is auth'd against instead of just daniel.
-
-- Any Instance
- Allow for specification of daniel/root or daniel/admin.
- If off, only checks against defaultinstance instance.
+- Require Instance
+ We'll allow for a 'require instance ......'.
- Expire Reauth
Set a lifetime on tickets, and after expiration, tries to -force-
a reauth (brings up login/password window)
-- Auth Fail Status
- Set how a failure fails. Forbidden or Unauthorized.
-
-- Forwardable/Renewable Tickets
- Setting in config.
-
- Browser Mutual Auth Support
Combined with plugins, use auth user already has.
-
-- AuthKerberosType(name?)
- Way to both have a normal AuthType and a Kerberos authtype,
- in case you want to turn authoritative off and have it punt
- to something else specific
- Re: msg 268 "Jason Gilbert"
+ - implement support for the Negotiate authentication method
- Environment Variables
KRB5CCNAME, KRBTKFILE
- Multi-Realm Support
require realm EOS.NCSU.EDU maybe?
-- HEIMDEL Support
- Mods to make sure it works with the HEIMDEL releases.
+- HEIMDAL Support
+ Mods to make sure it works with the HEIMDAL releases.
- Mods To Work With STRONGHOLD and SSL