Ken Hornstein wrote: >>Yes and no. The issue in our application is that we need to make many >>authentications quickly (mostly for the same pts ids over and over), and >>cannot afford the 1 pag per second cost to create a new pag each time we need > >>one. > >I guess I am missing something. How come you need to get a new pag to >reauthenticate?
Think things like web servers that run authenticated as the (each) web page author. Or, <scream volume="primal"> think things like authenticated mail delivery.</scream> In either case, I have to authenticate as the same principal over and over, and I can't wait for a new pag for each request. So, I create (and authenticate) a pag for each principal, and I can authenticate quickly via a setgroups() call to select the appropriate authentication (pag). Our implementation consists of more than that, but that's the core of it. Dave Thompson UW-Madison _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
