[Haskell-cafe] Unified Haskell login

Brandon S Allbery KF8NH allbery at ece.cmu.edu
Fri Sep 17 17:49:35 EDT 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/17/10 17:43 , Brandon S Allbery KF8NH wrote:
> On 9/17/10 05:27 , Neil Davies wrote:
>> Why not use kerberos?
> Mind, we use Kerberos heavily around here... but we have the infrastructure
> that uses it.   Web application space is *not* something that integrates
> well, though, unless you use it as a dumb store and manage the resulting
> authentication information yourself (Pubcookie, etc.).  For a primarily web

Additional:  MIT does use it for web auth (cf. ezyang's response in this
thread), but I believe they use a third mechanism:  users have certificates,
which are registered with the KDC and used via PKINIT.  The infrastructure
cost of this is (currently, PKINIT still being not quite fully nailed down)
higher than anyone in the Haskell community is likely to be willing to deal
with --- and you *still* have to solve the authorization problem yourself.

- -- 
brandon s. allbery     [linux,solaris,freebsd,perl]      allbery at kf8nh.com
system administrator  [openafs,heimdal,too many hats]  allbery at ece.cmu.edu
electrical and computer engineering, carnegie mellon university      KF8NH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyT4m8ACgkQIn7hlCsL25VKawCeNTumjtGy7U9HVdC4DXs8+lhb
tTYAoJZtP3ZxH90hqOWsldkWd1eyiROm
=jokt
-----END PGP SIGNATURE-----


More information about the Haskell-Cafe mailing list