[225] in Info-AFS_Redistribution
AFS & XDM
daemon@ATHENA.MIT.EDU (billdo@itd.umich.edu)
Sat Jul 20 14:36:37 1991
Date: Sat, 20 Jul 91 14:11:09 -0400
From: billdo@itd.umich.edu
To: henry@ads.com
Cc: umich-systems@itd.umich.edu, info-afs@transarc.com
> Date: Thu, 18 Jul 91 17:22:50 -0700
> we have a limited number of users who use xdm to login, and it
doesn't
> seem to call /bin/login to do its tricks, so these users aren't
> getting tokens. has anyone done an xdm which will provide tokens
upon
> login to AFS users?
We have a library (libaaa) which we hook into all of the
"front-door" and "back-door" programs (login, ftpd, xdm,
rexecd, ...). It handles the differences between MIT and
Transarc string-to-key, acquires both MIT Tickets and AFS
Tokens, does PAGs correctly, allows acquiring tokens for
multiple cells at once, and enables finer grained control
of machine authorization than the all-or-nothing of a line
in /etc/passwd.
The library itself is layered on top of MIT Kerberos V4
so you need to have libkrb & libdes available on the
target architecture as well. Currently we have binaries
for sun3_35, sun3_40, pmax_ul4, rs_aix31, and rt_aos4.
I'm on vacation as of yesterday until the end of the
month, so you may want to direct replies to:
umich-systems@itd.umich.edu
Hope this helps,
Bill
P.S. We have been using Zephyr & Kerberized POP and
MH code (and for awhile Discuss and OLC also)
for quite some time now. No AFS specific mods
were needed for that code -- mainly because
our Tickets expire sooner than the AFS Token.
