[15998] in Kerberos_V5_Development
Re: Plugin project proposal
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Jul 15 17:24:34 2010
From: Russ Allbery <rra@stanford.edu>
To: "krbdev\@mit.edu" <krbdev@mit.edu>
In-Reply-To: <8DD7AD829AB61E499A433D6E558110A302348A7E02@EXPO7.exchange.mit.edu>
(Zhanna Tsitkova's message of "Thu, 15 Jul 2010 16:57:54 -0400")
Date: Thu, 15 Jul 2010 14:23:49 -0700
Message-ID: <87oce8qw0q.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Zhanna Tsitkova <tsitkova@mit.edu> writes:
> The assumption here was that krb5 contexts are usually created at the
> start-up, are long-living and there are very few contexts created.
In an ideal situation, this would probably be the case, but there are a
lot of real-world situations that do password authentication with some
volume. A typical use pattern for such an application is to generate a
new krb5_context for every authentication attempt (usually because that's
encapsulated in a PAM module or similar plugin). I suspect you will find
many situations where it's common to have several krb5_contexts created
and freed per second.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
