On Thu, 2011-12-01 at 19:31 -0500, John Dennis wrote:
> On 12/01/2011 06:54 PM, Dmitri Pal wrote:
> > Seems reasonable. I agree with pros and cons and suggestions but I am
> > not the person to make the final approval. Simo?
> >
> > Question for John: Is there any benefit for CLI or it is for UI only?
> 
> Currently it would benefit the UI only. That's mostly because there is 
> no mechanism in the cli to cache the session ID. Adding that wouldn't be 
> too difficult except for the issue of how to store the session ID 
> securely, it would have to be written to a file (unlike with a browser 
> which is supposed to hold session cookies in memory). Is there an 
> ability to add a data item like this to the user's kerberos credential 
> cache?

Yes we could create a fake key and stick the session id in it.
That was the trick we proposed using when this question was raised a few
months ago during a conference call on the matter.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to