unique readers

Todd Olson tco2 at cornell.edu
Thu Aug 1 14:52:50 UTC 2002


Hi Jeff

At 01:59 -0400 2002/01/08, Jeffrey M. Vinocur wrote:
>On Tue, 11 Jun 2002, Russ Allbery wrote:
>
>[ Back from vacation, resurrecting some old threads ]
>
>> Todd Olson <tco2 at cornell.edu> writes:
>>
>> > Cornell Univ. is about to deploy a cookie based Kerberos proxy system
> > > for Cornell www sites that care about limiting access.
>>
>(Russ, are you still curious about this?  I think there are some slides on
>cuwebauth/cuweblogin up on the web which may be informative.)

Sorry about not getting back on this ... I've been (and still am busy)

>Todd, FYI, I don't think you're locked into 2.2 because of the hacks; the
>pluggable resolver scheme introduced with readers.conf should be able to
>do the out-of-band querying you require.  (I looked at writing the
>necessary resolver one afternoon, to present to you as fait accompli, but
>couldn't find the necessary libraries.  I think it will be
>straightforward; model off the ident resolver which comes with 2.3.)

Thanks Jeff!
I appreciate thought and offer of assistance
Maybe we can still do something ...

However, when last I looked at ver 2.3 the hooks were not in
the right places to implement the current Cornell policies.
(policies might be changable, but that is a major project itself)
I've had some vague idea of completely redesigning nnrpd
so the hooks are easier to do and maintain, but so far
I have not had time.

Regards,
Todd Olson
Cornell University


More information about the inn-workers mailing list