diff options
| author | Pavel Reichl <preichl@redhat.com> | 2015-04-16 03:41:58 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-07-06 20:19:09 +0200 |
| commit | 0aa18cc0bf3447ca734476926724f1632e160807 (patch) | |
| tree | 5dd2d0e24e80753849e41fa3e574d1fa1743fa08 /src/config | |
| parent | 32cc237aa0f3c70a4e0bc0491ec0cba0016aaf5a (diff) | |
| download | sssd-0aa18cc0bf3447ca734476926724f1632e160807.tar.gz sssd-0aa18cc0bf3447ca734476926724f1632e160807.tar.xz sssd-0aa18cc0bf3447ca734476926724f1632e160807.zip | |
PAM: authenticate agains cache
Enable authenticating users from cache even when SSSD is in online mode.
Introduce new option `cached_auth_timeout`.
Resolves:
https://fedorahosted.org/sssd/ticket/1807
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
| -rwxr-xr-x | src/config/SSSDConfigTest.py | 6 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.conf | 1 |
3 files changed, 6 insertions, 2 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index f2d9bf019..4d45e42af 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -149,6 +149,7 @@ option_strings = { 'subdomain_enumerate' : _('Control enumeration of trusted domains'), 'subdomain_refresh_interval' : _('How often should subdomains list be refreshed'), 'subdomain_inherit' : _('List of options that should be inherited into a subdomain'), + 'cached_auth_timeout' : _('How long can cached credentials be used for cached authentication'), # [provider/ipa] 'ipa_domain' : _('IPA domain'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index c6ba9f051..1d6107cea 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -547,7 +547,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'subdomains_provider', 'realmd_tags', 'subdomain_refresh_interval', - 'subdomain_inherit'] + 'subdomain_inherit', + 'cached_auth_timeout'] self.assertTrue(type(options) == dict, "Options should be a dictionary") @@ -910,7 +911,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'subdomains_provider', 'realmd_tags', 'subdomain_refresh_interval', - 'subdomain_inherit'] + 'subdomain_inherit', + 'cached_auth_timeout'] self.assertTrue(type(options) == dict, "Options should be a dictionary") diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 7ad84cd82..29fd896cc 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -133,6 +133,7 @@ description = str, None, false realmd_tags = str, None, false subdomain_refresh_interval = int, None, false subdomain_inherit = str, None, false +cached_auth_timeout = int, None, false #Entry cache timeouts entry_cache_user_timeout = int, None, false |