[cups.development] How is backend authentication supposed to work ?

Michael Sweet msweet at apple.com
Wed Mar 10 07:49:42 PST 2010


On Mar 10, 2010, at 1:40 AM, Christer Bernérus wrote:
> ...
> How is this supposed to work, really? How is the local CUPS scheduler supposed to get hold of the original submitter's credentials?


The local cupsd gets a copy of the user's Kerberos credentials and then supplies them to the backend, which uses them when a challenge is received from the remote server.

On Mac OS X we use a special interface that allows us to do this without delegation on the local system, however other operating systems need delegated credentials, typically enabled via a policy setting on the KDC.

There are some known issues in CUPS 1.4.2, and fixes are attached to CUPS STR #3325:

    http://www.cups.org/str.php?L3325

________________________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cups.org/pipermail/cups-devel/attachments/20100310/dc401eb2/attachment.html>


More information about the cups-devel mailing list