[17] in pc-kerberos
Re: Kerberos on PC/TCP
daemon@ATHENA.MIT.EDU (Shawn Mamros)
Thu Jun 2 17:58:16 1994
Date: Thu, 2 Jun 94 17:57:04 EDT
To: pbh@MIT.EDU
From: mamros@ftp.com (Shawn Mamros)
Reply-To: mamros@ftp.com
Cc: sfa@fish-license.ifs.umich.edu, pc-kerberos@MIT.EDU
>I'd like to see the ticket management be interoperable as I mentioned in an
>earlier message. So far I haven't gotten any feedback from FTP or others
>on this list. :(
Well, if it's interoperability you want... :-)
There really isn't any big "corporate secret" as to how PC/TCP currently
stores Kerberos tickets. We use a file-based ticket cache. Now, there
are two issues with any ticket file scheme: the format of the file, and
where (and how) to locate it. There's really no big secrets as to how
we do those, either.
Our ticket files use the same format as does MIT's UNIX code, pretty
much byte-for-byte. So, I don't think there could be too many objections
there... ;-)
As to location... we use the PC/TCP configuration file (pctcp.ini) to
determine that. As our documentation states, our ticket files are
located in the directory designated by the "directory" parameter in
the [pctcp kerberos] section of pctcp.ini. The name of the file is
"username.tkt", where "username" is determined by the "user" parameter
in the [pctcp general] section of pctcp.ini. If for some reason the
"user" parameter is undefined, we fall back on the filename "ticket.ses".
I can understand how people might think the use of pctcp.ini for ticket
file location is too "proprietary" for a general solution. If someone
would like to propose a "standard" for how to locate ticket files, we'll
gladly adopt it as soon as we can (while still supporting our current
scheme as a fallback for our customers, of course... :-) Sound reasonable?
-Shawn Mamros
E-mail to: mamros@ftp.com
