[OpenAFS] Native Kerberos 5 authentication in openafs-1.4

Derek Atkins warlord@MIT.EDU
Thu, 15 Sep 2005 16:12:37 -0400


"Douglas E. Engert" <deengert@anl.gov> writes:

> NFSv4 has the same problem and I think they are trying to use gsspai
> and store the tickets in the kernel. (I may be wrong on how they are
> doing it, but they have the same problem of the kernel needing to
> get tickets.)

This is implementation dependent.  When I was first working on
RPCSEC_GSS for NFS at Sun (a decade ago) the credential cache was
still stored in user space and there was a user-space daemon that
would go fetch tickets.  The kernel would use IPCs to talk to the
daemon to request a ticket when the kernel needed a new one for a
user.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available