2) Provide a facility for a user to "log in" once by supplying plain credentials and storing them securely in the user's private directory. The qpid utilities could then check for stored credentials in lieu of supplied credentials. A Kerberos-5 implementation will eventually provide this kind of single-sign-on capability but for PLAIN authentication, explicit storage would be needed. Perhaps we should just hurry up and implement GSSAPI/Krb5.
This is much the same as what svn does and would be my preference. It has been proven to work.
Carl.
