I suggest adding the following doc to the end of chapter 5.6.
DNS (after the paragraphs about forwarders):
Any host is permitted to issue recursive queries against configured
forwarders by default. When required, this behavior can be changed
in /etc/named.conf in allow-recursion statement. Please
On Tue, Jun 21, 2011 at 04:48:08PM -0600, Pete Zaitcev wrote:
On Tue, 21 Jun 2011 18:28:36 -0400
Dmitri Pal d...@redhat.com wrote:
Dear Dmitri, thanks for the reply. I am reading curl source code
now and I notice the distinction between Negotiate that comes
from SPNEGO, and GSS-Negotiate.
On 8.6.2011 16:56, Rob Crittenden wrote:
Jan Cholasta wrote:
On 18.5.2011 17:21, Rob Crittenden wrote:
Make data type of certificates more obvious/predictable internally.
For the most part certificates will be treated as being in DER format.
When we load a certificate we will generally accept
Sumit Bose wrote:
On Tue, Jun 21, 2011 at 04:48:08PM -0600, Pete Zaitcev wrote:
On Tue, 21 Jun 2011 18:28:36 -0400
Dmitri Pal d...@redhat.com wrote:
Dear Dmitri, thanks for the reply. I am reading curl source code
now and I notice the distinction between Negotiate that comes
from SPNEGO,
Adam Young wrote:
On 06/21/2011 04:10 PM, Rob Crittenden wrote:
If the first request the web server handles is for a bad ticket (e.g.
expired) then it is possible to get past the point where the lazy LDAP
schema retrieval would happen causing a backtrace in the json handler.
Add a call to get
On 06/21/2011 06:48 PM, Pete Zaitcev wrote:
I am somewhat disaffected with cookies, as they have a lot of
weaknesses (usually).. Certainly, turning around the 401 replies costs
a lot, but until I know for myself that it cannot be avoided (by posting
Authenticate header preventively), I am
From 6ddf2efe36bec9befaacc778525309a38ce2de6d Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Wed, 22 Jun 2011 10:13:04 -0400
Subject: [PATCH] absolute to relative
---
install/ui/ipa.css | 21 +
1 files changed, 5 insertions(+), 16 deletions(-)
diff
On Tue, 21 Jun 2011 18:28:36 -0400
Dmitri Pal d...@redhat.com wrote:
Dear Dmitri, thanks for the reply. I am reading curl source code
now and I notice the distinction between Negotiate that comes
from SPNEGO, and GSS-Negotiate. I'm looking for the definition
of the latter.
I am working on
Jan Cholasta wrote:
On 8.6.2011 16:56, Rob Crittenden wrote:
Jan Cholasta wrote:
On 18.5.2011 17:21, Rob Crittenden wrote:
Make data type of certificates more obvious/predictable internally.
For the most part certificates will be treated as being in DER format.
When we load a certificate we
Martin Kosek wrote:
On Tue, 2011-06-14 at 17:41 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-06-06 at 13:47 -0400, Rob Crittenden wrote:
Our translation files haven't been updated for a few months, this brings
things up to date. It is intended for master only.
All I did to
On 06/21/2011 11:09 PM, Endi Sukma Dewata wrote:
The content and the size of entity header changes depending on the
facet being displayed, so the entity header has been converted into
a facet header to allow better control via CSS.
The DNS record facet has been updated to use the same styles
Dmitri Pal wrote:
On 06/22/2011 07:44 AM, Jim Meyering wrote:
Our best bet may be to find an embeddable httpd server that supports GSSAPI.
Do any of you know of one?
Quick search on the internet did not reveal any.
I found a Ruby GSSAPI library if this is of any help.
Dmitri Pal wrote:
Dmitri Pal wrote:
On 06/22/2011 07:44 AM, Jim Meyering wrote:
Our best bet may be to find an embeddable httpd server that supports
GSSAPI.
Do any of you know of one?
Quick search on the internet did not reveal any.
I found a Ruby GSSAPI library if this is of any help.
On 06/22/2011 12:14 PM, Jim Meyering wrote:
Sure,
http://git.fedorahosted.org/git?p=iwhd.git;a=blob;f=doc/image_repo.odt
Does not open for me.
I tried saving but it saves as 0-byte doc
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
On Wed, 2011-06-22 at 16:18 +0200, Jim Meyering wrote:
Dmitri Pal wrote:
On 06/22/2011 07:44 AM, Jim Meyering wrote:
Our best bet may be to find an embeddable httpd server that supports
GSSAPI.
Do any of you know of one?
Quick search on the internet did not reveal any.
I found a
On 6/22/2011 9:14 AM, Adam Young wrote:
As discussed over IRC, in this particular case the absolute positioning
still has advantages over relative because it allows the elements in the
header (e.g. title, back link, facet tabs, controls) to attach
'relative' to the header's borders.
This
On Wed, 22 Jun 2011 09:15:48 -0400
Jeff Darcy jda...@redhat.com wrote:
(1) Have we definitively concluded that it's not possible to implement
the pieces we need on top of the core libmicrohttpd code?
I hooked into rest.c:access_handler_0(), using MHD_lookup_connection_value
and friends for
Martin Kosek wrote:
On Fri, 2011-06-17 at 15:37 +0200, Martin Kosek wrote:
On Fri, 2011-06-17 at 14:44 +0200, Martin Kosek wrote:
Make sure that IPA can be installed with root umask set to secure
value 077. ipa-server-install was failing in DS configuration phase
when dirsrv tried to read
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
Part 2 of 2 Parts
Part 1 introduced some problems discovered with DN handling in
FreeIPA.
Part 2 discusses proposed utility classes which eliminate the
problems described in Part 1 and how to use
John Dennis wrote:
Revised patch attached.
Added copyright notice.
Added support for concatenation and in-place addition for a few more types.
Updated the unit test for the new functionality.
Correct import statement in unit test.
I can work with the updated patch you sent but it isn't
John Dennis wrote:
Revised patch attached.
Added copyright notice.
Added support for concatenation and in-place addition for a few more types.
Updated the unit test for the new functionality.
Correct import statement in unit test.
Ack, pushed to master and ipa-2-0
John Dennis wrote:
DN's may be encoded. If we're going to return the value from one of the
RDN's in the DN then we must decode the DN first, otherwise the returned
value won't be what we're expecting. Specifically the value getting
passed back through the RPC interface was not the value set
John Dennis wrote:
The csv reader is used to break comma separated lists into individual
items. However what if you want one of those items to have an embedded
comma? The answer is to escape it by preceding the comma with a
backslash. This patch adds support for escaping in the csv reader.
John Dennis wrote:
Update test_role_plugin test to include a comma in a privilege
Introduce a comma into a privilege name to assure we can handle
commas.
Commas must be escaped for some parameters, add escape_comma() utility
and invoke it for the necessary parameters.
Utilize a DN object to
On 06/22/2011 01:53 PM, Endi Sukma Dewata wrote:
On 6/22/2011 9:14 AM, Adam Young wrote:
As discussed over IRC, in this particular case the absolute
positioning still has advantages over relative because it allows the
elements in the header (e.g. title, back link, facet tabs, controls)
to
Navigation breadcrumb has been added to the facet header. The
breadcrumb will appear on details, association, and automount
facets.
Ticket #1323
--
Endi S. Dewata
From 5bf32d412bbdd1b4d6bd78a5a1944c75af954b3b Mon Sep 17 00:00:00 2001
From: Endi S. Dewata edew...@redhat.com
Date: Wed, 22 Jun
Hi,
On 22.06.2011 20:30, Simo Sorce wrote:
Quick search on the internet did not reveal any.
I found a Ruby GSSAPI library if this is of any help.
https://github.com/zenchild/gssapi/wiki
If only iwhd were written in Ruby rather than C.
Maybe you can take mod_auth_kerb sources and adapt it
27 matches
Mail list logo