projects / mod_auth_gssapi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 76a682e) | patch
Allow context to be attached to the connection
authorSimo Sorce <simo@redhat.com>
Sun, 9 Mar 2014 20:24:34 +0000 (16:24 -0400)
committerSimo Sorce <simo@redhat.com>
Sun, 9 Mar 2014 21:33:21 +0000 (17:33 -0400)
commit7454bf67ffe23a63fd530895b58f048f207b1e4f
tree2f02d2123a6d5b864df8639597b89b35e84054fdtree | snapshot
parent76a682eda05ce9f2705ccf17503fb3870b6b49aecommit | diff
Allow context to be attached to the connection

This means the authentication is not repeated for every request but
is retained for the life of the connection.

This may be a security issue if a frontend proxy shares connections
between multiple users so must be used with care.
RFC 4559 warns that clients should not try SPNEGO if such a proxy
is present. Unfortuntely the RFC assumes a non-standard method to
determine if a proxy maintain separate connections.
src/mod_auth_gssapi.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.