[36417] in Kerberos
Re: kerberos testing server/realm
daemon@ATHENA.MIT.EDU (Roland Mainz)
Tue Sep 2 05:25:10 2014
Date: Tue, 2 Sep 2014 05:24:48 -0400 (EDT)
From: Roland Mainz <rmainz@redhat.com>
To: bodik <bodik@civ.zcu.cz>
Message-ID: <1023909494.27161120.1409649888326.JavaMail.zimbra@redhat.com>
In-Reply-To: <54057DC7.9050205@civ.zcu.cz>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
----- Original Message -----
> From: "bodik" <bodik@civ.zcu.cz>
> To: kerberos@mit.edu
> Sent: Tuesday, September 2, 2014 10:20:23 AM
> Subject: kerberos testing server/realm
>
> Hello,
>
> I've question regarding testing GSS-API/Kerberos enabled applications.
>
> While working on some tweaks for rsyslogd I found that developers might miss
> a
> testing environment. Of course is possible for everyone to create a TEST
> realm,
> register all needed principals (which could be tough in dynamic clouds) and
> happily test the application at least some it's basic functionality which
> depends on auth...
>
>
> But I was thinking, if there would be something like "static_kdc.c" ? some
> very
> small implementation without all fancy features like PA, crossrealming, heavy
> encryption, something which would just send out session keys to everybody
> having
> some static secrets for anyone ... ?
>
>
> Is there anything like that or even could be this possible ?
> Or am I completely our of line ?
... and while we're making a wishlist for test environments... what about a way to run such a test KDC on a given pipe file (e.g. /tmp/mypipe or /dev/fd/18 or /proc/$parentpid/fd/18 for pipe/socket descriptors inherited by the parent process) so that neither special (root/admin) permissions are required nor IPv[46]/port collisions need to be avoided (think about running hundreds of tests in parallel).
----
Bye,
Roland
--
__ . . __
(o.\ \/ /.o) rmainz@redhat.com
\__\/\/__/ IPA/Kerberos5 team
/O /==\ O\
(;O/ \/ \O;)
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos