Projects/Documentation Tasks
From K5Wiki
< Projects
Revision as of 16:28, 12 April 2011 by Tsitkova (talk | contribs) (Added topic "MIT Kerberos features : quick facts")
This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.
Contents
Purpose
To keep track of the various tasks that need to be documented such as function documentation, administration, troubleshooting etc.
Doc-type/Reader | Architectural Guide | Setup & Config of Kerberos | Admin & Operations of Kerberos | Custom Build | API Description | API Details |
---|---|---|---|---|---|---|
End-users | ||||||
Architects | ||||||
System Admins | ||||||
Application Developers | ||||||
GSSAPI Developers | ||||||
Kerberos Developers |
Application development
task | who writes? | who reviews? | reviewed? | comments | |
---|---|---|---|---|---|
A basic introduction to GSS-API, making use of the sample client and server, with special attention paid to Kerberos-related GSS-API issues | |||||
How to get servers to use any key in a keytab | |||||
How to tell the GSS-API library on the client side where the existing Kerberos ticket cache is | |||||
How to write mechanism-independent GSS-API code and when to do so | |||||
SASL: how to use it, and how it interacts with GSS-API | |||||
A more advanced introduction to using the Kerberos libraries for initial authentication, focusing on the authentication steps, validating initial credentials | |||||
An introduction to ticket caches and keytabs and their corresponding APIs | |||||
An advanced guide to the pre-auth mechanisms, FAST | |||||
An advanced guide to the principal manipulation and parsing | |||||
A guide to GSS-API naming as compared to Kerberos principal naming | |||||
A guide to the similarities and differences between Heimdal and MIT Kerberos API | |||||
MIT Kerberos features : quick facts | ZT | ongoing |
Administration
task | who writes? | who reviews? | reviewed? | comments | |
---|---|---|---|---|---|
Validating Kerberos tickets | |||||
Cross-realm interaction with AD | |||||
Using LDAP server for Kerberos backend | ZT | Ubuntu 10.4 (lucid) | |||
Replication |
API documentation
Most commonly used API functions (in alphabetical order)
API | who writes? | who reviews? | reviewed? | comments | |
---|---|---|---|---|---|
krb5_build_principal [1] | ZT | ||||
krb5_build_principal_alloc_va [2] | ZT | ||||
krb5_build_principal_ext [3] | ZT | ||||
krb5_cc_close [4] | |||||
krb5_cc_default [5] | ZT | ||||
krb5_cc_default_name [6] | ZT | ||||
krb5_cc_destroy [7] | ZT | ||||
krb5_cc_dup [8] | ZT | ||||
krb5_cc_get_name [9] | ZT | ||||
krb5_cc_get_principal [10] | ZT | ||||
krb5_cc_get_type [11] | ZT | ||||
krb5_cc_initialize [12] | ZT | ||||
krb5_cc_new_unique [13] | ZT | ||||
krb5_cc_resolve [14] | ZT | ||||
krb5_change_password [15] | ZT | ||||
krb5_free_context [16] | ZT | ||||
krb5_free_error_message [17] | ZT | ||||
krb5_free_principal [18] | ZT | ||||
krb5_fwd_tgt_cred [19] | ZT | Needs example | |||
krb5_get_default_realm [20] | ZT | ||||
krb5_get_error_message [21] | ZT | ||||
krb5_get_host_realm [22] | ZT | ||||
krb5_get_credentials [23] | ZT | ||||
krb5_get_fallback_host_realm [24] | |||||
krb5_get_init_creds_keytab [25] | ZT | ||||
krb5_get_init_creds_opt_alloc [26] | ZT | ||||
krb5_get_init_creds_opt_free [27] | ZT | ||||
krb5_get_init_creds_opt_get_fast_flags [28] | ZT | ||||
krb5_get_init_creds_opt_init [29] | ZT | ||||
krb5_get_init_creds_opt_set_address_list [30] | ZT | ||||
krb5_get_init_creds_opt_set_anonymous [31] | ZT | ||||
krb5_get_init_creds_opt_set_canonicalize [32] | ZT | ||||
krb5_get_init_creds_opt_set_change_password_prompt [33] | ZT | ||||
krb5_get_init_creds_opt_set_etype_list [34] | ZT | ||||
krb5_get_init_creds_opt_set_expire_callback [35] | ZT | ||||
krb5_get_init_creds_opt_set_fast_ccache [36] | ZT | ||||
krb5_get_init_creds_opt_set_fast_ccache_name [37] | ZT | ||||
krb5_get_init_creds_opt_set_fast_flags [38] | ZT | ||||
krb5_get_init_creds_opt_set_forwardable [39] | ZT | ||||
krb5_get_init_creds_opt_set_out_ccache [40] | ZT | ||||
krb5_get_init_creds_opt_set_pa [41] | ZT | ||||
krb5_get_init_creds_opt_set_preauth_list [42] | ZT | ||||
krb5_get_init_creds_opt_set_proxiable [43] | ZT | ||||
krb5_get_init_creds_opt_set_renew_life [44] | ZT | ||||
krb5_get_init_creds_opt_set_salt [45] | ZT | ||||
krb5_get_init_creds_opt_set_tkt_life [46] | ZT | ||||
krb5_get_init_creds_password [47] | ZT | ||||
krb5_get_profile [48] | ZT | ||||
krb5_get_prompt_types [49] | ZT | ||||
krb5_get_renewed_creds [50] | ZT | ||||
krb5_get_validated_creds [51] | ZT | ||||
krb5_init_context [52] | ZT | ||||
krb5_init_secure_context [53] | ZT | ||||
krb5_is_config_principal [54] | ZT | ||||
krb5_is_thread_safe [55] | ZT | ||||
krb5_kt_close [56] | ZT | ||||
krb5_kt_default [57] | ZT | ||||
krb5_kt_default_name [58] | ZT | ||||
krb5_kt_get_name [59] | ZT | ||||
krb5_kt_get_type [60] | ZT | ||||
krb5_kt_resolve [61] | ZT | ||||
krb5_kuserok [62] | ZT | ||||
krb5_parse_name [63] | ZT | ||||
krb5_parse_name_flags [64] | ZT | ||||
krb5_principal_compare [65] | ZT | ||||
krb5_principal_compare_any_realm [66] | ZT | ||||
krb5_principal_compare_flags [67] | ZT | ||||
krb5_prompter_posix [68] | |||||
krb5_realm_compare [69] | ZT | ||||
krb5_recvauth [70] | |||||
krb5_recvauth_version [71] | |||||
krb5_set_default_realm [72] | ZT | ||||
krb5_set_password [73] | ZT | ||||
krb5_set_password_using_ccache [74] | ZT | ||||
krb5_set_principal_realm [75] | ZT | ||||
krb5_set_trace_callback [76] | ZT | ||||
krb5_set_trace_filename [77] | ZT | ||||
krb5_sname_to_principal [78] | ZT | ||||
krb5_unparse_name [79] | ZT | ||||
krb5_unparse_name_ext [80] | ZT | ||||
krb5_unparse_name_flags [81] | ZT | ||||
krb5_unparse_name_flags_ext [82] | ZT | ||||
krb5_us_timeofday [83] | ZT | ||||
krb5_verify_authdata_kdc_issued [84] | ZT |