On 12/01/2011 08:48 PM, Simo Sorce wrote: > On Thu, 2011-12-01 at 19:31 -0500, John Dennis wrote: >> On 12/01/2011 06:54 PM, Dmitri Pal wrote: >>> Seems reasonable. I agree with pros and cons and suggestions but I am >>> not the person to make the final approval. Simo? >>> >>> Question for John: Is there any benefit for CLI or it is for UI only? >> Currently it would benefit the UI only. That's mostly because there is >> no mechanism in the cli to cache the session ID. Adding that wouldn't be >> too difficult except for the issue of how to store the session ID >> securely, it would have to be written to a file (unlike with a browser >> which is supposed to hold session cookies in memory). Is there an >> ability to add a data item like this to the user's kerberos credential >> cache? > Yes we could create a fake key and stick the session id in it. > That was the trick we proposed using when this question was raised a few > months ago during a conference call on the matter. > > Simo. > Can we please then extend the design to include this?
-- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-devel mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-devel