On Sep 8, 2006, at 11:58, Vipin Rathor wrote: > As MIT_krb1.5 supports two plugin interfaces, one internal > interface for > new database layer and other public interface for KDC. > here, can anyone tell me, > 1.How i can use these interfaces to get most out of them? > 2.is there any reference doc. available for using these interfaces?
No reference docs currently. kdc location: Are you doing anything interesting where krb5.conf entries or DNS SRV records won't cut it for locating your KDCs? db: This may be a moving target, at least for a little while. The 1.6 release is going to have an LDAP-based back end. If you feel like writing one for, say, MySQL, or Postgres, that might be of interest to people. Depends on performance a lot -- latency per request, as well as throughput. Actually, Sam and I had an idea for a use for the KDC location plugin interface: You could use it for experimenting with new code to do the config-file or DNS lookups in different ways. Either for your own private use, without affecting other users, or as a way of testing code you might like to integrate into your source tree and/or submit to us, but without having to rebuild the whole tree for every change. For example: Our code for using DNS SRV records doesn't look at the "additional data" fields of the response, which may contain the network addresses of the hosts listed, so you don't have to make additional queries. (A question I haven't investigated: Does the presence of an A record there and no AAAA records mean there is no AAAA record, or would you still need to make that query? My guess would be the latter.) And depending on your environment, if the address queries are needed, it may be more efficient to find a way to fire off multiple requests to the DNS server and then collect the results as they come in (but you may not want to lose the /etc/hosts check). Ken ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
