Ticket #974 (closed enhancement: fixed)

Opened 3 years ago

Last modified 20 months ago

[RFE] Support DIR: credential caches for multiple TGT support

Reported by: dpal Owned by: jhrozek
Priority: critical Milestone: SSSD 1.9.0 beta 2
Component: Kerberos Provider Version: 1.6.0
Keywords: Cc:
Blocked By: Blocking:
Tests Updated: no Coverity Bug:
Patch Submitted: yes Red Hat Bugzilla: 805917, 848547
Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:

Description

MIT dev team is working on the new type of the credential cache to support the case when one user has multiple tickets for different Kerberos realms. This is a feature of Kerberos 1.10. We need to take advantage of this functionality as soon as it becomes available.

http://k5wiki.kerberos.org/wiki/Projects/Client_principal_selection

Change History

comment:1 Changed 3 years ago by jzeleny

  • Owner changed from somebody to jzeleny

comment:2 Changed 3 years ago by dpal

  • Summary changed from Implement new credential cache type in SSSD to Integrate with new MIT implementation of the credential cache
  • Milestone changed from NEEDS_TRIAGE to SSSD 1.9.0

comment:3 Changed 2 years ago by simo

The client principal selection method works great in MIT Krb5 1.10 Any chance we can anticipate support in SSSD master so I can do long term testing ?

comment:4 Changed 2 years ago by jzeleny

  • Milestone changed from SSSD 1.9.0 to NEEDS_TRIAGE

Moving to NEEDS_TRIAGE for evaluation

comment:5 Changed 2 years ago by dpal

  • Milestone changed from NEEDS_TRIAGE to SSSD 1.9.0

comment:6 Changed 2 years ago by dpal

  • Milestone changed from SSSD 1.9.0 to SSSD Kerberos improvements

comment:7 Changed 2 years ago by dpal

  • Priority changed from major to critical

comment:8 Changed 2 years ago by dpal

  • Red Hat Bugzilla set to 0

comment:9 Changed 2 years ago by sgallagh

  • Type changed from defect to enhancement
  • Summary changed from Integrate with new MIT implementation of the credential cache to Support DIR: credential caches for multiple TGT support
  • Component changed from SSSD to Kerberos Provider
  • Milestone changed from SSSD Kerberos Improvements Feature to NEEDS_TRIAGE

Pulling back out to NEEDS_TRIAGE. I think we need to have this earlier than 1.11, as it should really aim to land in Fedora 18.

comment:10 Changed 2 years ago by dpal

  • Summary changed from Support DIR: credential caches for multiple TGT support to [RFE] Support DIR: credential caches for multiple TGT support

comment:11 Changed 2 years ago by dpal

  • Red Hat Bugzilla changed from 0 to [https://bugzilla.redhat.com/show_bug.cgi?id=805917 805917]

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=805917

comment:12 Changed 2 years ago by dpal

  • Milestone changed from NEEDS_TRIAGE to SSSD 1.10 beta

comment:13 Changed 2 years ago by sgallagh

  • Milestone changed from SSSD 1.10 beta to SSSD 1.9.0 beta 2

comment:14 Changed 2 years ago by jhrozek

  • Owner changed from jzeleny to jhrozek
  • Status changed from new to assigned

comment:15 Changed 22 months ago by jhrozek

  • Patch Submitted set

comment:17 Changed 20 months ago by dpal

  • Red Hat Bugzilla changed from [https://bugzilla.redhat.com/show_bug.cgi?id=805917 805917] to [https://bugzilla.redhat.com/show_bug.cgi?id=805917 805917], [https://bugzilla.redhat.com/show_bug.cgi?id=848547 848547]

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=848547

Note: See TracTickets for help on using tickets.