logo_kerberos.gif

Difference between revisions of "Projects/Interposer Mechanism"

From K5Wiki
Jump to: navigation, search
(New page: {{project-early}} = Background = During the development of the [https://fedorahosted.org/gss-proxy GSS-Proxy project] in connection with the Projects/ProxyGSSAPI a new GSSAPI Mechanis...)
 
Line 2: Line 2:
   
 
= Background =
  
= Background =
  +
 
During the development of the [https://fedorahosted.org/gss-proxy GSS-Proxy project] in connection with the [[Projects/ProxyGSSAPI]] a new GSSAPI Mechanism interface has emerged. We call this kind of mechanism an '''Interposer Mechanism''' as it intercept all function calls for a specific mechanism.
  
During the development of the [https://fedorahosted.org/gss-proxy GSS-Proxy project] in connection with the [[Projects/ProxyGSSAPI]] a new GSSAPI Mechanism interface has emerged. We call this kind of mechanism an '''Interposer Mechanism''' as it intercept all function calls for a specific mechanism.
  +
  +
The Interposer Mechanism instructs the mechglue layer on what mechanisms it wants to interpose. Once a mechnism is interposed the mechglue will always call the interposer for any function related to interposed mechanism.
  +
  +
The interposer plugin is responsible for handling the requested functionality, it can proxy it to another process (for example to the GSS-Proxy daemon) or can short-circuit it back to the mechglue in order to call the original mechanism handler.
  +
  +
= Requirements =
  +
  +
The Interposer mechanism must be able to intercept any mechanism function.
  +
The Interposer mechanism must also be able to call back into the mechglue in order to execute code using the original mechanism.
  +
The interposer mechanism should be completely transparent to applications, in that pure gssapi application should not need any modification in order to work with the interposer mechanism nor need to issue any special call to use the interposer functionality.

Revision as of 15:42, 2 October 2012

This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.


Background

During the development of the GSS-Proxy project in connection with the Projects/ProxyGSSAPI a new GSSAPI Mechanism interface has emerged. We call this kind of mechanism an Interposer Mechanism as it intercept all function calls for a specific mechanism.

The Interposer Mechanism instructs the mechglue layer on what mechanisms it wants to interpose. Once a mechnism is interposed the mechglue will always call the interposer for any function related to interposed mechanism.

The interposer plugin is responsible for handling the requested functionality, it can proxy it to another process (for example to the GSS-Proxy daemon) or can short-circuit it back to the mechglue in order to call the original mechanism handler.

Requirements

The Interposer mechanism must be able to intercept any mechanism function. The Interposer mechanism must also be able to call back into the mechglue in order to execute code using the original mechanism. The interposer mechanism should be completely transparent to applications, in that pure gssapi application should not need any modification in order to work with the interposer mechanism nor need to issue any special call to use the interposer functionality.

Retrieved from "https://k5wiki.kerberos.org/wiki?title=Projects/Interposer_Mechanism&oldid=4851"