Return-Path: X-Original-To: apmail-directory-kerby-archive@minotaur.apache.org Delivered-To: apmail-directory-kerby-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 372B218D3E for ; Fri, 20 Nov 2015 12:25:56 +0000 (UTC) Received: (qmail 91827 invoked by uid 500); 20 Nov 2015 12:25:56 -0000 Delivered-To: apmail-directory-kerby-archive@directory.apache.org Received: (qmail 91799 invoked by uid 500); 20 Nov 2015 12:25:56 -0000 Mailing-List: contact kerby-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: kerby@directory.apache.org Delivered-To: mailing list kerby@directory.apache.org Received: (qmail 91786 invoked by uid 99); 20 Nov 2015 12:25:55 -0000 Received: from Unknown (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Nov 2015 12:25:55 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 41FEFC0288 for ; Fri, 20 Nov 2015 12:25:55 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.9 X-Spam-Level: ** X-Spam-Status: No, score=2.9 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled Authentication-Results: spamd4-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-eu-west.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id A3wooPuv4-uE for ; Fri, 20 Nov 2015 12:25:44 +0000 (UTC) Received: from mail-qg0-f47.google.com (mail-qg0-f47.google.com [209.85.192.47]) by mx1-eu-west.apache.org (ASF Mail Server at mx1-eu-west.apache.org) with ESMTPS id 355472059C for ; Fri, 20 Nov 2015 12:25:43 +0000 (UTC) Received: by qgec40 with SMTP id c40so71231350qge.2 for ; Fri, 20 Nov 2015 04:25:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=yLLdeMRjGs0ovisC0Ab22meaxL+lE2DzdChIt9fY6a4=; b=C2Oriyl8eFn1MNnJGjcu+K6AZP1gtGMwAv7KHdvp0jgucqk4B119jt5qCWvdV6FPjT aBBBTW5XMkiuimeUlOC19ihxh7af+uj/QUjmR1AybSeWFEtvxDsphWgiz1sMvCZBqBfI GdLxLsbeb5Z/JWvUmiwFJ2luzkZ0eK21h1NgNuK0wbqB0bH2pJO/+dItCkn/Wu3i19di rX5lZGUXsViULIMApBjcDWlYvRSYBfiN+JbbLLihCiS8GmsImokgax2e+u8mG0flplhL 8J4JkOL8uTZhSwSRI9AXD/EHancksFYAeWXfWjHy7cVcAvRw4oMrjcgS+XuEB9b9DtRd qOCQ== MIME-Version: 1.0 X-Received: by 10.140.173.65 with SMTP id t62mr13414025qht.96.1448022342152; Fri, 20 Nov 2015 04:25:42 -0800 (PST) Received: by 10.55.43.75 with HTTP; Fri, 20 Nov 2015 04:25:41 -0800 (PST) Received: by 10.55.43.75 with HTTP; Fri, 20 Nov 2015 04:25:41 -0800 (PST) In-Reply-To: <8D5F7E3237B3ED47B84CF187BB17B66611CC8A4B@SHSMSX152.ccr.corp.intel.com> References: <8D5F7E3237B3ED47B84CF187BB17B66611CC8733@SHSMSX152.ccr.corp.intel.com> <1328025171.4506746.1447982563984.JavaMail.zimbra@psu.edu> <8D5F7E3237B3ED47B84CF187BB17B66611CC8822@SHSMSX152.ccr.corp.intel.com> <8D5F7E3237B3ED47B84CF187BB17B66611CC8A4B@SHSMSX152.ccr.corp.intel.com> Date: Fri, 20 Nov 2015 07:25:41 -0500 Message-ID: Subject: RE: Categorize KrbOption by adding group info From: Marc Boorshtein To: kerby@directory.apache.org Content-Type: multipart/alternative; boundary=001a1139b12e54b9960524f7f9d5 --001a1139b12e54b9960524f7f9d5 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable That's awesome, thanks Kai. I've been tied up on another project (getting myvd integrated with apacheds-2.0.0-m20) but I'm hoping to dive back in this weekend Thanks Marc On Nov 20, 2015 1:25 AM, "Zheng, Kai" wrote: > Steve and Marc, > > It's done, along with some other things. Please update to the latest code= s. > 1. Added group to options and pick kdc flag related ones by group; > 2. Added requested some kdc flags, like RENEWABLE, RENEWABLE_OK and etc.; > 3. Not only for AS_REQ/TGT, but also for TGS_REQ/SGT; > 4. Some refactoring. > > Regards, > Kai > > -----Original Message----- > From: Zheng, Kai [mailto:kai.zheng@intel.com] > Sent: Friday, November 20, 2015 9:53 AM > To: kerby@directory.apache.org; Steve Moyer > Subject: RE: Categorize KrbOption by adding group info > > Don't worry, I'll take this. > > Regards, > Kai > > -----Original Message----- > From: Steve Moyer [mailto:smoyer@psu.edu] > Sent: Friday, November 20, 2015 9:23 AM > To: kerby@directory.apache.org > Subject: Re: Categorize KrbOption by adding group info > > I like the idea of groups in KrbOption ... it felt a little too dangerous > simply matching names but matched names and the appropriate group should = be > safe. > > I might get to this change tomorrow but I'm working on another related > project at the moment. > > Steve > > -- > > =E2=80=9CThe mark of the immature man is that he wants to die nobly for a= cause, > while the mark of the mature man is that he wants to live humbly for one.= =E2=80=9D > - Wilhelm Stekel > > ----- Original Message ----- > From: "Zheng, Kai" > To: kerby@directory.apache.org > Sent: Thursday, November 19, 2015 7:44:48 PM > Subject: Categorize KrbOption by adding group info > > Hi Steve, > > Ref. https://issues.apache.org/jira/browse/DIRKRB-458 you're going to add > about 15 KDC flags into KrbOption. As we discussed it sounds reasonable. > Now here I'm considering it may be good to categorize them or easily > identify them as 'kdc flags', thus it would be much elegant to pick them = up > and transform them to KdcRequest. How about adding a 'group' field to the > KrbOption enum? It could be done while you make the changes or we can do = it > separately. Thanks. > > Also welcome any others' feedback. Thanks. > > Regards, > Kai > --001a1139b12e54b9960524f7f9d5--