GNOME Bugzilla – Bug 739594
Support refreshing credentials from a smartcard
Last modified: 2015-05-22 13:24:36 UTC
These two commits add support for refreshing kerberos credentials backed by a smartcard. Note they only add support for refreshing existing credentials from smartcard login. It doesn't currently add UI to control-center for electing to use a smartcard at account creation time. That's something we should definitely add down the line. This bug depends on the fixes in bug 739590 and bug 739593
Created attachment 289948 [details] [review] ticketing: add new details property This commit adds a new "details" variant for attaching metadata about tickets getting requested via the ticketing interface. This will give the kerberos account provider a place to tuck away kerberos-specific preauthentication configuration for the tickets associated with smartcard backed kerberos accounts.
Created attachment 289949 [details] [review] kerberos: support refreshing smartcard authenticated kerberos tickets Right now gnome-online-accounts doesn't manager smartcard based kerberos credentials very well. The sign-in button just fails. This commit adds support for tickets granted through smartcards. Note, at the moment we don't provide a way to add new smartcard based accounts, merely, manage existing ones that are added implicitly by logging in with a smartcard, or by explicit kinit.
Review of attachment 289948 [details] [review]: ::: data/dbus-interfaces.xml @@ +738,3 @@ --> <interface name="org.gnome.OnlineAccounts.Ticketing"> + <property name="details" type="a{ss}" access="read"/> Needs a documentation string and '@since: 3.16'.
Created attachment 290046 [details] [review] ticketing: add new details property This commit adds a new "details" variant for attaching metadata about tickets getting requested via the ticketing interface. This will give the kerberos account provider a place to tuck away kerberos-specific preauthentication configuration for the tickets associated with smartcard backed kerberos accounts.
Created attachment 302889 [details] [review] dbus: Add Details to org.gnome.OnlineAccounts.Ticketing Updated the version in the since tag, and capitalized the 'D' in 'Details' for consistency.
Created attachment 302890 [details] [review] kerberos: Support refreshing smartcard authenticated kerberos tickets
We have been shipping these in RHEL for quite some time now. Sorry for having let these slip through the cracks.
The order in which these patches were generated (with respect to bug 739593), was different from the RHEL patches. I rebased these against master in the same order as RHEL since that is what we have been actually shipping so far.