X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2FREADME;h=3cb2d50230d49744f23fb3e5b973742fd036f292;hb=refs%2Fheads%2Fjson-name;hp=c145c33479a6439ba1316bc1608e64d728396013;hpb=19d7957ee7eb2f18afac79d60dc8e0049c85ea7a;p=moonshot.git

diff --git a/mech_eap/README b/mech_eap/README
index c145c33..3cb2d50 100644
--- a/mech_eap/README
+++ b/mech_eap/README
@@ -132,3 +132,16 @@ To test fast reauthentication support, add the following to
 This will store a Kerberos ticket for a GSS-EAP authenticated user
 in a credentials cache, which can then be used for re-authentication
 to the same acceptor. You must have a valid keytab configured.
+
+In this testing phase of Moonshot, it's also possible to store a
+default identity and credential in a file. The format consists of
+the string representation of the initiator identity and the password,
+separated by newlines. The default location of this file is
+.gss_eap_id in the user's home directory, however the GSSEAP_IDENTITY
+environment variable can be used to set an alternate location.
+
+You can also set a default realm in [appdefaults]; the Kerberos
+default realm is never used by mech_eap (or at least, that is the
+intention), so if unspecified you must always qualify names. It should
+generally not be necessary to specify this.
+