|
If you were logged in you would be able to see more operations.
|
|
|
|
DNS RFC 1035 6.1.2 describes a "catalog" that contains pointers to zone data. The same configuration mechanism makes sense for Kerberos so we will implement a realm catalog and ensure that DNS zone and Kerberos realm semantics are similar.
o apache.schema objectClass called apachedsServiceConfiguration
o STRUCTURAL objectClass MUST cn
o uses ExtensibleObject
o apacheKerberosConfiguration extends apacheServiceConfiguration
o OC apacheCatalogEntry is a mapping of a realm name attribute to a zoneBaseDN attribute
o name=example.com --> ou=users,dc=example,dc=com
o put a ou=realms under the configuration for a service instance
o add OC apacheCatalogEntry's
o pull all catalog entries into memory with a single level search under ou=realms
o use the zoneBaseDn with the InitialContextFactory. The nexus will figure out under what partition it is.
|
|
Description
|
DNS RFC 1035 6.1.2 describes a "catalog" that contains pointers to zone data. The same configuration mechanism makes sense for Kerberos so we will implement a realm catalog and ensure that DNS zone and Kerberos realm semantics are similar.
o apache.schema objectClass called apachedsServiceConfiguration
o STRUCTURAL objectClass MUST cn
o uses ExtensibleObject
o apacheKerberosConfiguration extends apacheServiceConfiguration
o OC apacheCatalogEntry is a mapping of a realm name attribute to a zoneBaseDN attribute
o name=example.com --> ou=users,dc=example,dc=com
o put a ou=realms under the configuration for a service instance
o add OC apacheCatalogEntry's
o pull all catalog entries into memory with a single level search under ou=realms
o use the zoneBaseDn with the InitialContextFactory. The nexus will figure out under what partition it is.
|
Show » |
| There are no subversion log entries for this issue yet.
|
|
New Feature
Open
Major
Implement realm catalog
