sssd.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Jakub Hrozek <jhrozek@redhat.com>	2017-03-22 13:01:18 +0100
committer	Jakub Hrozek <jhrozek@redhat.com>	2017-03-30 14:10:16 +0200
commit	861ab44e8148208425b67c4711bc8fade10fd3ed (patch)
tree	b761acab71367242011f426f486f64188eb8fdb4 /COPYING
parent	3e39806177e1cd383743ff596cb96df44a6ce8c9 (diff)
download	sssd-861ab44e8148208425b67c4711bc8fade10fd3ed.tar.gz sssd-861ab44e8148208425b67c4711bc8fade10fd3ed.tar.xz sssd-861ab44e8148208425b67c4711bc8fade10fd3ed.zip

KRB5: Authenticate users in a non-POSIX domain using a MEMORY ccache

Related to: https://pagure.io/SSSD/sssd/issue/3310 The following changes were done to the Kerberos authentication code in order to support authentication in a non-POSIX environment: - delayed authentication is disabled in non-POSIX domains - when a user logs in in a non-POSIX domain, SSSD uses a MEMORY:$username ccache and destroys is then krb5_child finishes so that just the numeric result is used - krb5_child doesn't drop privileges in this configuration because there is nothing to drop privileges to Reviewed-by: Sumit Bose <sbose@redhat.com>

Diffstat (limited to 'COPYING')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: