logo_kerberos.gif

Difference between revisions of "Projects/Documentation Tasks"

From K5Wiki
Jump to: navigation, search
m (Added links to Sphinx documentation. Split the original Tier_1 table to separate higher and lower priorities.)
(Added some application development and admin tasks)
Line 5: Line 5:
 
To keep track of the various tasks that need to be documented such as function documentation, administration, troubleshooting etc.
  
To keep track of the various tasks that need to be documented such as function documentation, administration, troubleshooting etc.
   
=== API documentation ===
  
   
 
{| class="wikitable"
  
{| class="wikitable"
Line 32: Line 31:
 
|}
  
|}
   
  +
  +
=== Application development ===
  +
  +
{| class="wikitable"
  +
|+
  +
|-
  +
! task
  +
! who writes?
  +
! who reviews?
  +
! reviewed?
  +
! comments
  +
|-
  +
|-
  +
| A basic introduction to GSS-API, making use of the sample client and server, with special attention paid to Kerberos-related GSS-API issues|| || || ||
  +
|-
  +
| How to get servers to use any key in a keytab|| || || ||
  +
|-
  +
| How to tell the GSS-API library on the client side where the existing Kerberos ticket cache is|| || || ||
  +
|-
  +
| How to write mechanism-independent GSS-API code and when to do so|| || || ||
  +
|-
  +
| SASL: how to use it, and how it interacts with GSS-API|| || || ||
  +
|-
  +
| A more advanced introduction to using the Kerberos libraries for initial authentication, focusing on the authentication steps, validating initial credentials|| || || ||
  +
|-
  +
| An introduction to ticket caches and keytabs and their corresponding APIs|| || || ||
  +
|-
  +
| An advanced guide to the pre-auth mechanisms, FAST|| || || ||
  +
|-
  +
| An advanced guide to the principal manipulation and parsing|| || || ||
  +
|-
  +
| A guide to GSS-API naming as compared to Kerberos principal naming|| || || ||
  +
|-
  +
| A guide to the similarities and differences between Heimdal and MIT Kerberos API|| || || ||
  +
|-
  +
|}
  +
  +
  +
=== Administration ===
  +
  +
{| class="wikitable"
  +
|+
  +
|-
  +
! task
  +
! who writes?
  +
! who reviews?
  +
! reviewed?
  +
! comments
  +
|-
  +
|-
  +
| Validating Kerberos tickets|| || || ||
  +
|-
  +
| Cross-realm interaction with AD|| || || ||
  +
|-
  +
| Using LDAP server for Kerberos backend|| || || ||
  +
|-
  +
| Replication|| || || ||
  +
|}
  +
  +
 
=== API documentation ===
   
 
===Most commonly used API functions (in alphabetical order)===
  
===Most commonly used API functions (in alphabetical order)===

Revision as of 13:04, 7 February 2011

This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.


Purpose

To keep track of the various tasks that need to be documented such as function documentation, administration, troubleshooting etc.


Matrix of Document-Type VS Intended Readership
Doc-type/Reader Architectural Guide Setup & Config of Kerberos Admin & Operations of Kerberos Custom Build API Description API Details
End-users
Architects
System Admins
Application Developers
GSSAPI Developers
Kerberos Developers


Application development

task who writes? who reviews? reviewed? comments
A basic introduction to GSS-API, making use of the sample client and server, with special attention paid to Kerberos-related GSS-API issues
How to get servers to use any key in a keytab
How to tell the GSS-API library on the client side where the existing Kerberos ticket cache is
How to write mechanism-independent GSS-API code and when to do so
SASL: how to use it, and how it interacts with GSS-API
A more advanced introduction to using the Kerberos libraries for initial authentication, focusing on the authentication steps, validating initial credentials
An introduction to ticket caches and keytabs and their corresponding APIs
An advanced guide to the pre-auth mechanisms, FAST
An advanced guide to the principal manipulation and parsing
A guide to GSS-API naming as compared to Kerberos principal naming
A guide to the similarities and differences between Heimdal and MIT Kerberos API


Administration

task who writes? who reviews? reviewed? comments
Validating Kerberos tickets
Cross-realm interaction with AD
Using LDAP server for Kerberos backend
Replication


API documentation

Most commonly used API functions (in alphabetical order)

Tier 1 - Highest priority
API who writes? who reviews? reviewed? comments
krb5_build_principal [1]
krb5_build_principal_alloc_va [2]
krb5_build_principal_ext [3]
krb5_change_password [4]
krb5_free_context [5]
krb5_free_error_message [6]
krb5_free_principal [7]
krb5_fwd_tgt_cred [8]
krb5_get_default_realm [9]
krb5_get_error_message [10]
krb5_get_host_realm [11]
krb5_get_credentials [12]
krb5_get_fallback_host_realm [13]
krb5_get_init_creds_keytab [14]
krb5_get_init_creds_opt_alloc [15]
krb5_get_init_creds_opt_free [16]
krb5_get_init_creds_opt_get_fast_flags [17]
krb5_get_init_creds_opt_init [18]
krb5_get_init_creds_opt_set_address_list [19]
krb5_get_init_creds_opt_set_anonymous [20]
krb5_get_init_creds_opt_set_canonicalize [21]
krb5_get_init_creds_opt_set_change_password_prompt [22]
krb5_get_init_creds_opt_set_etype_list [23]
krb5_get_init_creds_opt_set_expire_callback [24]
krb5_get_init_creds_opt_set_fast_ccache [25]
krb5_get_init_creds_opt_set_fast_ccache_name [26]
krb5_get_init_creds_opt_set_fast_flags [27]
krb5_get_init_creds_opt_set_forwardable [28]
krb5_get_init_creds_opt_set_out_ccache [29]
krb5_get_init_creds_opt_set_pa [30]
krb5_get_init_creds_opt_set_preauth_list [31]
krb5_get_init_creds_opt_set_proxiable [32]
krb5_get_init_creds_opt_set_renew_life [33]
krb5_get_init_creds_opt_set_salt [34]
krb5_get_init_creds_opt_set_tkt_life [35]
krb5_get_init_creds_password [36]
krb5_get_profile [37]
krb5_get_prompt_types [38]
krb5_get_renewed_creds [39]
krb5_get_validated_creds [40]
krb5_init_context [41]
krb5_init_secure_context [42]
krb5_is_config_principal [43]
krb5_is_thread_safe [44]
krb5_kt_close [45]
krb5_kt_default [46]
krb5_kt_default_name [47]
krb5_kt_get_name [48]
krb5_kt_get_type [49]
krb5_kt_resolve [50]
krb5_kuserok [51]
krb5_parse_name [52]
krb5_parse_name_flags [53]
krb5_principal_compare [54]
krb5_principal_compare_any_realm [55]
krb5_principal_compare_flags [56]
krb5_prompter_posix [57]
krb5_realm_compare [58]
krb5_recvauth [59]
krb5_recvauth_version [60]
krb5_set_default_realm [61]
krb5_set_password [62]
krb5_set_password_using_ccache [63]
krb5_set_principal_realm [64]
krb5_set_trace_callback [65]
krb5_set_trace_filename [66]
krb5_sname_to_principal [67]
krb5_unparse_name [68]
krb5_unparse_name_ext [69]
krb5_unparse_name_flags [70]
krb5_unparse_name_flags_ext [71]
krb5_us_timeofday [72]
krb5_verify_authdata_kdc_issued [73]
Tier 2 - High priority
API who writes? who reviews? reviewed? comments
krb5_cc_close [74]
krb5_cc_default [75]
krb5_cc_default_name [76]
krb5_cc_destroy [77]
krb5_cc_dup [78]
krb5_cc_get_name [79]
krb5_cc_get_principal [80]
krb5_cc_get_type [81]
krb5_cc_initialize [82]
krb5_cc_new_unique [83]
krb5_cc_resolve [84]
Retrieved from "https://k5wiki.kerberos.org/wiki?title=Projects/Documentation_Tasks&oldid=3799"