table of contents
GSSPROXY-MECH(8) | GssProxy GSSAPI mechanism manu | GSSPROXY-MECH(8) |
NAME¶
gssproxy-mech - GssProxy GSSAPI mechanism plugin
SYNOPSIS¶
proxymech_v1 2.16.840.1.113730.3.8.15.1 /usr/lib64/gssproxy/proxymech.so [options]
DESCRIPTION¶
The gssproxy proxymech module is a interposer plugin that is loaded by GSSAPI. It is enabled by /etc/gss/mech configuration file.
The interposer plugin allows to intercept the entire GSSAPI communication and detour to the gssproxy daemon. When the interposer plugin is installed two other conditions need to be met in order to activate it:
a) interposer configuration file
b) gssproxy environment variable
Furthermore, the interposer plugin can be configured to behave in different ways when called from the GSSAPI. This behavior is controlled via the GSSPROXY_BEHAVIOR environment variable. It accepts four different values:
LOCAL_ONLY
LOCAL_FIRST
REMOTE_FIRST
REMOTE_ONLY
The default setting for GSSPROXY_BEHAVIOR is REMOTE_FIRST.
Finally the interposer may need to use a special per-service socket in order to communicate with gssproxy. The path to this socket is set via the GSSPROXY_SOCKET environment variable.
SEE ALSO¶
AUTHORS¶
GSS-Proxy - http://fedorahosted.org/gss-proxy
04/05/2023 | GSS Proxy |