Neil Dunbar wrote:
> 
> Robert Watson wrote:
> 
> > Hi folks,
> >
> > I'd like to get an idea of who is using KerberosIV and KerberosV support
> > in Coda.
> 
> Me, for one. And it's very important. Now that I've got Doug Engert's
> sslk5 working properly, we have a straight path from
> 
> Smartcard->PKI->Kerberos V->distributed file system
> 
> without all of the gunk that goes with a DCE arrangement, and (reasonably)
> cross platform from Win95, WinNT to Unix (well, Linux right now), but
> I might get round to looking at HP-UX some time next millenium.
> 
> > mapping issue (how to map Kerberos identities to Coda identities),
> > authorization issues, not to mention ease of use issues (such as: we
> > always use this command line flag, why isn't it the default, or that the
> > automatic invocation of kinit is a pain, etc).  Kerberos support is
> > important to us in that it allows easy integration with existing
> > distributed systems and a single-login.  Because of existing setups here
> > at CMU, we have tested K4 support more extensively than K5; as such K5
> > comments would be particularly welcome :).
> 
> When I get some time, I'll get back to hacking on it. The
> biggest changes are the ones that you suggested about mapping
> Kerberos principals onto Coda ids. At the moment, I'm using a
> grungy pattern match to do the work, but would like a bit more
> flexibility than that gives me.
> 

Can you give me some pointers on what I need to get Kerb V support up an
running? What version of coda did you have this working on? I'm trying
to get coda 5.0 working with K5 authentication, and I'm not sure where
to start on. I'd like to get it working before I start hacking on
things, since I'm quite new to the grungy details of kerberos.

For example, how does the pattern match you are working use?

Thanks!

-- 
Troy Benjegerdes		troybenj_at_scl.ameslab.gov
Scalable Computing Lab		   hozer_at_drgw.net