[4396] in Kerberos
Re: Single login per username in V4?
daemon@ATHENA.MIT.EDU (John Hascall)
Wed Dec 21 21:50:33 1994
To: kerberos@MIT.EDU
Date: 22 Dec 1994 02:38:14 GMT
From: john@iastate.edu (John Hascall)
Steve Morytko <steve@uconnvm.uconn.edu> wrote:
}Is there a way to allow only 1 simultaneous login per username such that if a
}username had an open ticket it would not allow the SAME username access until
}the ticket expires?
Yuck. If I login at 8am with a standard 8hr ticket and logout at,
say, noon, and then want to login again at, say 1pm -- oops, sorry,
you got a ticket which won't expire until 4pm...
So you'd have to add something to say you were done with a ticket
(and find some way to make sure they weren't lying) and then you'd
still have p.o.'d people if that message got lost (say a workstation
crashed).
Besides, it violates the "stateless" nature of the KDC.
Just make a rule that you lose your account if you share.
John
--
John Hascall ``An ill-chosen word is the fool's messenger.''
Systems Software Engineer, ISU Comp Center + Ames, IA 50011 + 515/294-9551
