On 20 Mar 2003, Timo Sirainen wrote:
The current way also makes it possible to having long running auth and login processes. Especially long running auth process can give much higher performance since it doesn't have to keep reconnecting to LDAP or SQL server, or keep reopening and reparsing some passwd files every time a user logs in.
Why do you care about long running login processes?
The long running auth process problem can be solved by using a unix domain socket. This is how Bruce Guenter's mailfront works. The authenticator runs long term, and listens to a socket (unix domain preferred, but there are other options). The login process is run from tcpserver, and gathers information from the client, and then connects to the authenticator and verified the information.
-- Charlie