[263] in Info-AFS_Redistribution
ka_*() API specifications
daemon@ATHENA.MIT.EDU (Cal_Thixton@next.com)
Fri Aug 2 01:41:40 1991
Date: Fri, 2 Aug 91 00:33:10 EDT
From: Cal_Thixton@next.com
To: Info-AFS@transarc.com
Does anyone have any API specs on the kerberos ka*() calls?
I only have access to verbal lore here; nothing written.
Can someone point me to anything that describes how processes can get
authenticated to access user files without the user having to be
present. Seems that all that I have learned implies that kerberos has
a strong bias to having the user live and present so that only the
children of the authenticated process can access the user's files.
I have an environment that has background services doing work for a
user (e.g. printing & pasteboards) that requires accessing the user's
home account (e.g. fonts) when the user may or may not be logged in
and may or may not be childred of an already authenticated process.
Bottom line: how can one authenticated process give another
unlrelated process authentication?
Thanks
Cal Thixton
