On Thu, 2011-12-01 at 19:31 -0500, John Dennis wrote: > On 12/01/2011 06:54 PM, Dmitri Pal wrote: > > Seems reasonable. I agree with pros and cons and suggestions but I am > > not the person to make the final approval. Simo? > > > > Question for John: Is there any benefit for CLI or it is for UI only? > > Currently it would benefit the UI only. That's mostly because there is > no mechanism in the cli to cache the session ID. Adding that wouldn't be > too difficult except for the issue of how to store the session ID > securely, it would have to be written to a file (unlike with a browser > which is supposed to hold session cookies in memory). Is there an > ability to add a data item like this to the user's kerberos credential > cache?
Yes we could create a fake key and stick the session id in it. That was the trick we proposed using when this question was raised a few months ago during a conference call on the matter. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-devel