- It can alert the user via notifications when the ticket is about to expire.
- Tickets can be acquired by clicking on the tray icon.
- If the notification daemon supports persistence (like in GNOME 3) the tray icon can be avoided and resident notifications are used.
- Current tickets in the credential cache can be listed.
- It can be extended using plugins. This can be used to extend krb5-auth-dialog to e.g. handle things like kx509.
- These plugins are currently available:
- afs: a plugin to acquire AFS tickets
- dummy: a sample plugin printing to the console
- pam: a plugin invoking the pam stack
- A DBus API for applications to acquire a Kerberos ticket and to remove the credentials cache is provided.
- DBus signals notify applications about acquired, renewed and expired tickets.
- It supports PKinit (e.g. via SmartCard) when built against Heimdal.
The source code is available and browseable via GNOMEs GIT:
git clone git://git.gnome.org/krb5-auth-dialog
Debian packges are available from debian.org.
The notifications under GNOME 3 look like this:
There are currently three plugins available:
- afs - call aklog or afslog to aquire AFS tickets
- pam - invoke PAM modules
- dummy - example plugin
These plugins can be activated using a key in GSettings
- There's a DBus API to acquire Kerberos ticktes. See the examples. virt-manager is using this and here's a patch for offlineimap.
- DBus signals notify about acquired, renewed or expired tickets. This can be used to e.g. run aklog via this example.
- Add gnome keyring support (567701)
- Remove all wakeups, rely on our gio watch of the ticket cache
- Add cache version, etc. to ticket dialog
- Add fast principal switching
- Make more applications use the DBUS API to make Kerberos a smooth experience on the desktop:
- krb5-auth-dialog uses persistent notifications instead of a tray icon
- Settings were moved from a stand alone dialog into the gnome-control-center panel
Status of current Gnome goals in krb5-auth-dialog:
- Deprecated GLib symbols - done
- Deprecated Gtk+ symbols - done
- Clean up GLib and GTK+ includes - done
- Use GtkBuilder instead of libglade - done
- Use a correct Generic Name - done
- Use GSeal - done
- Migrate to GSettings / dconf - done
- Migrate to GDBus - done
krb5-auth-dialog was originally written by Christopher Aillon and is now maintained by Guido Günther <firstname.lastname@example.org>.
Please file bug reports via GNOME's bugzilla.
krb5-auth-dialog is free software and licensed under the GPL Version 2.