Added authoritative support.

[mod_auth_kerb.cvs/.git] / TODO

- Save Creds/Tickets
        Retrieve and store krbtgt and set env variable of file path.

- Cleanup Daemon
        Maybe write some little cleanup daemon to clean up ticket files.

- Set Path for Storage of Temp Files
        Storage of ticket files, and maybe others at some point.

- Verify Krb5 Ticket
        Currently www/hostname.
        Can I do this with Krb4?

- Ability to Set Realm in Config
        Not compiled in anymore.
        Maybe some form of multiple realms specifiable?

- Settable Location of Keytab/Srvtab
        Again, in config instead of compiled in.

- Lifetime Settable
        Set lifetime of tickets in config.

- Default Instance
        You can make it so that 'by default', a user's daniel/root or 
        daniel/www instance is auth'd against instead of just daniel.

- Any Instance
        Allow for specification of daniel/root or daniel/admin.
        If off, only checks against defaultinstance instance.

- Expire Reauth
        Set a lifetime on tickets, and after expiration, tries to -force-
        a reauth (brings up login/password window)

- Forwardable/Renewable Tickets
        Setting in config.

- Browser Mutual Auth Support
        Combined with plugins, use auth user already has.

- Environment Variables
        KRB5CCNAME, KRBTKFILE
        KRB_PRINC_NAME?
        Re: msg 266 Christopher Lindsey

- Multi-Realm Support
        require realm EOS.NCSU.EDU maybe?

- HEIMDEL Support
        Mods to make sure it works with the HEIMDEL releases.

- Mods To Work With STRONGHOLD and SSL

- Guards Against Replay Attack Checks?
        Re: msg 249 Fabian Ritzmann
        Maybe some form of cookie support?

- KRB5LEGACY Check
        Need to make sure it works with older Krb's

- Provide "Logout" Sample Script
        PHP, maybe perl, who knows.
        Sample PHP one in mail.

- Functional README's and INSTALL's