Details

    • Type: New Feature New Feature
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: 2.0.0-RC2
    • Component/s: None
    • Labels:
      None

      Description

      DNS RFC 1035 6.1.2 describes a "catalog" that contains pointers to zone data. The same configuration mechanism makes sense for Kerberos so we will implement a realm catalog and ensure that DNS zone and Kerberos realm semantics are similar.
      o apache.schema objectClass called apachedsServiceConfiguration
      o STRUCTURAL objectClass MUST cn
      o uses ExtensibleObject
      o apacheKerberosConfiguration extends apacheServiceConfiguration
      o OC apacheCatalogEntry is a mapping of a realm name attribute to a zoneBaseDN attribute
      o name=example.com --> ou=users,dc=example,dc=com
      o put a ou=realms under the configuration for a service instance
      o add OC apacheCatalogEntry's
      o pull all catalog entries into memory with a single level search under ou=realms
      o use the zoneBaseDn with the InitialContextFactory. The nexus will figure out under what partition it is.

        Activity

          People

          • Assignee:
            Enrique Rodriguez
            Reporter:
            Enrique Rodriguez
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:

              Development