Kerberos CODEC rewrite headsup

[Emmanuel Lecharny <el...@gmail.com>]

Hi guys,

the last 2 days I spent some time on MINA, as we were done with the 
Kerberos message codec we were working on with Kiran.

I started to inject the decoder into the Kerberos server, and the 
problem started to show their nose :)

First, there is a bug in the AS-REQ decoder (obviously, as we have a 
very limited set of tests for this guy, the first real world request 
made the decoder blow...). It's just a transition problem when no 
PA-DATA are present. I gonna fix that tomorrow.

Second, but it's not a problem, as it's a brand new codec, it uses a new 
set of classes. We will have to modify the server to use those new 
classes, but it might take time. Another option is to create converters, 
as we did for LDAP. But I'm afraid that the time spent to write such a 
converter for all the 46 classes might be overwhelming.

If we switch to the new codec, it will brake the KerberosServer for, 
say, one week. Not sure we want that, so the best would probably to 
create a branch and work into it until it works back.

I'll probably switch to AP's for the moment, as soon as the branch is 
created and the decoder is integrated.

Lots of work to go, but frankly, that will drive us to some deep 
understanding on the kerberos server, which is most needed.

Kiran was the second leg for this 3 weeks walk we had in the codec part, 
I would like to think him a lot for the hard and not so funny he did. 
Frankly, that's really helping to know that you aren't alone when coding 
start to be painful because it's 46 times the same type of code.

Let's get those two things (Kerberos and APs) done in december, I'm sure 
we can clean the room in 15 days !

-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com