Document the requirements for the keytab backend.

author: Russ Allbery <rra@stanford.edu> 2006-08-16 19:13:30 +0000
committer: Russ Allbery <rra@stanford.edu> 2006-08-16 19:13:30 +0000
commit: 6f79b22ae2db9b9114a8300a9710e21f9068e121 (patch)
tree: b060393f633d347da9589c5043a7e8465e021b91 /doc/design-schema
parent: 898834d6325e31145c5f0b68067b85cf155a55f5 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/doc/design-schema b/doc/design-schema
index 924196f..c82c387 100644
--- a/doc/design-schema
+++ b/doc/design-schema
@@ -93,3 +93,20 @@ ACL Backend Data
          (km_group              varchar(255)
               not null references krb5_groups(kg_name),
           km_principal          varchar(255) not null);
+
+Storage Backend Data
+
+    To support restricting the allowable enctypes for a given keytab, the
+    keytab backend will use the following table:
+
+      create table keytab_enctypes
+         (ke_principal          varchar(255)
+              not null references objects(ob_name),
+          ke_enctype            varchar(255)
+              not null references enctypes(en_name));
+
+    There is a normalization table to ensure that only supported enctypes
+    are configured:
+
+       create table enctypes
+          (en_name               varchar(255) primary key);
author	Russ Allbery <rra@stanford.edu>	2006-08-16 19:13:30 +0000
committer	Russ Allbery <rra@stanford.edu>	2006-08-16 19:13:30 +0000
commit	6f79b22ae2db9b9114a8300a9710e21f9068e121 (patch)
tree	b060393f633d347da9589c5043a7e8465e021b91 /doc/design-schema
parent	898834d6325e31145c5f0b68067b85cf155a55f5 (diff)