[Calypso] [PATCH 3/3] Add GSSAPI/Kerberos authentication via Negotiate
Guido Günther
agx at sigxcpu.org
Sat Apr 9 12:31:18 PDT 2016
On Sat, Apr 09, 2016 at 06:07:08PM +0000, Jelmer Vernooij wrote:
> On Sat, Apr 09, 2016 at 12:42:40AM +0200, Guido Günther wrote:
> > When the service name is set via the servicename config option and
> > pykerberos is installed allow authentication via the negotiate header.
> >
> > Since this is not using basic auth and its on top of all other
> > authenciation schemes its not implemented as an acl module. This will
> > also allow us to make the whole negotiate auth be connection based in
> > the future.
> >
> > The current code results in the user being "user at REALM" so in case of
> > using "acl.personal=True" the directories need to be name like this as
> > well so we want to add a user to principal mapping at one point.
>
> LGTM
Pushed the whole series. Thanks,
-- Guido
More information about the Calypso
mailing list