directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez (JIRA)" <j...@apache.org>
Subject [jira] Created: (DIRKERBEROS-31) Implement realm catalog
Date Tue, 18 Oct 2005 15:07:44 GMT
Implement realm catalog
-----------------------

         Key: DIRKERBEROS-31
         URL: http://issues.apache.org/jira/browse/DIRKERBEROS-31
     Project: Directory Kerberos
        Type: New Feature
    Versions: 0.5.1    
    Reporter: Enrique Rodriguez
 Assigned to: Enrique Rodriguez 
     Fix For: 0.5.1


DNS RFC 1035 6.1.2 describes a "catalog" that contains pointers to zone data.  The same configuration
mechanism makes sense for Kerberos so we will implement a realm catalog and ensure that DNS
zone and Kerberos realm semantics are similar.
o apache.schema objectClass called apachedsServiceConfiguration
o STRUCTURAL objectClass MUST cn
o uses ExtensibleObject
o apacheKerberosConfiguration extends apacheServiceConfiguration
o OC apacheCatalogEntry is a mapping of a realm name attribute to a zoneBaseDN attribute
o name=example.com --> ou=users,dc=example,dc=com
o put a ou=realms under the configuration for a service instance
o add OC apacheCatalogEntry's
o pull all catalog entries into memory with a single level search under ou=realms
o use the zoneBaseDn with the InitialContextFactory. The nexus will figure out under what
partition it is. 


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message