On Mar 16, 12:32pm, Peter Lister, Cranfield Computer Centre wrote:
>
> The idea of HTTP as an alternative AFS transport layer is very attractive,
but
> it implies that HTTP needs beefing up to do Kerberos authentication and
better
> caching, neither of which are intrinsically AFS specific!
>
I've added Kerberos 4 support (no encryption yet, though) to httpd and
Mosaic by use of the new URL:
x-khttp://host:port/....
I did it using the "standard" way of grafting Kerberos on top of an
existing protocol. After the Mosaic client connects to the httpd it will
send over the ticket, and of course the first thing the kerberized httpd does
is look for a ticket. When a script gets executed by httpd the following
environment variables get set:
REMOTE_USER = [EMAIL PROTECTED]
AUTH_TYPE = KERB4_MUTUAL
KERB4_USER = schemers
KERB4_INSTANCE =
KERB4_REALM = IR.STANFORD.EDU
I've sent the patches in for Mosaic and HTTPD. If someone has time and wants
to add encryption please do. I'm not sure of the folks at NCSA will use
the patches for an interim solution or not.
Back to the issue though. I'm not that familiar with the HTTP protocol,
is it possible for the httpd server to give the client a hint when returning
a file? Like, here is the file you requested, and by the way, you can also
get at it via this AFS path. Then the client could cache that fact if it
wanted and use /afs next time.
roland
I've sent the patches in for Mosaic and HTTPD. If someone has time and wants
--
Roland J. Schemers III | Networking Systems
Systems Programmer | 414 Sweet Hall +1 (415) 723-6740
Distributed Computing Operations | Stanford, CA 94305-3090
Stanford University | [EMAIL PROTECTED]
