[Haskell-cafe] Unified Haskell login

Brandon S Allbery KF8NH allbery at ece.cmu.edu
Fri Sep 17 17:49:35 EDT 2010

Hash: SHA1

On 9/17/10 17:43 , Brandon S Allbery KF8NH wrote:
> On 9/17/10 05:27 , Neil Davies wrote:
>> Why not use kerberos?
> Mind, we use Kerberos heavily around here... but we have the infrastructure
> that uses it.   Web application space is *not* something that integrates
> well, though, unless you use it as a dumb store and manage the resulting
> authentication information yourself (Pubcookie, etc.).  For a primarily web

Additional:  MIT does use it for web auth (cf. ezyang's response in this
thread), but I believe they use a third mechanism:  users have certificates,
which are registered with the KDC and used via PKINIT.  The infrastructure
cost of this is (currently, PKINIT still being not quite fully nailed down)
higher than anyone in the Haskell community is likely to be willing to deal
with --- and you *still* have to solve the authorization problem yourself.

- -- 
brandon s. allbery     [linux,solaris,freebsd,perl]      allbery at kf8nh.com
system administrator  [openafs,heimdal,too many hats]  allbery at ece.cmu.edu
electrical and computer engineering, carnegie mellon university      KF8NH
Version: GnuPG v2.0.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the Haskell-Cafe mailing list