directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1443413 - /directory/site/trunk/content/apacheds/kerberos-ug/1.1-introduction.mdtext
Date Thu, 07 Feb 2013 11:15:23 GMT
Author: elecharny
Date: Thu Feb  7 11:15:22 2013
New Revision: 1443413

URL: http://svn.apache.org/viewvc?rev=1443413&view=rev
Log:
Added the kerberos introduction page

Added:
    directory/site/trunk/content/apacheds/kerberos-ug/1.1-introduction.mdtext

Added: directory/site/trunk/content/apacheds/kerberos-ug/1.1-introduction.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/kerberos-ug/1.1-introduction.mdtext?rev=1443413&view=auto
==============================================================================
--- directory/site/trunk/content/apacheds/kerberos-ug/1.1-introduction.mdtext (added)
+++ directory/site/trunk/content/apacheds/kerberos-ug/1.1-introduction.mdtext Thu Feb  7 11:15:22
2013
@@ -0,0 +1,57 @@
+Title: 1.1 - Introduction
+NavPrev: 1-kerberos.html
+NavPrevText: 1 - What is Kerberos ?
+NavUp: ../kerberos-user-guide.html
+NavUpText: Kerberos User Guide
+NavNext: 1.2-moe-information.html
+NavNextText: 1.2 - More Information
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+    .
+    http://www.apache.org/licenses/LICENSE-2.0
+    .
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+## Table of content
+
+* [1.1.1 - Realms](kerberos-ug/1.1.1-realms.html)
+* [1.1.2 - Principal](kerberos-ug/1.1.2-Principal.html)
+* [1.1.3 - Keys](kerberos-ug/1.1.3-keys.html)
+* [1.1.4 - KDC (Key Distribution Center)](kerberos-ug/1.1.4-kdc.html)
+* [1.1.5 - Database](kerberos-ug/1.1.5-database.html)
+* [1.1.6 - AS (Authentication Server)](kerberos-ug/1.1.6-as.html)
+* [1.1.7 - TGS (Ticket Granting Server)](kerberos-ug/1.1.7-tgs.html)
+* [1.1.8 - Tickets](kerberos-ug/1.1.8-tickets.html)
+
+# 1.1 - Introduction
+
+The **Kerberos** server is one part of the **Apache Directory Server** : it uses the **LDAP**
server as a backend, but has its own separate network layer. It makes it easy to install,
compared to other solutions where you have two components : a LDAP server o one side, and
the Kerberos Server on the other.
+
+We also have a complete configuration GUI in Studio, which allows administrators to tweak
their server in a convenient way.
+
+The Kerberos provider for Apache Directory implements RFC 1510 and RFC 4120 , the Kerberos
V5 Network Authentication Service. The purpose of Kerberos is to verify the identities of
principals (users or services) on an unprotected network. While generally thought of as a
single-sign-on technology, Kerberos' true strength is in authenticating users without ever
sending their password over the network. Kerberos is designed for use on open (untrusted)
networks and, therefore, operates under the assumption that packets traveling along the network
can be read, modified, and inserted at will. This chart provides a good description of the
protocol workflow.
+
+Kerberos is named for the three-headed dog that guards the gates to Hades. The three heads
are the client, the Kerberos server, and the network service being accessed.
+
+The Apache Directory Kerberos provider is implemented as a protocol-provider plugin. As a
plugin, the Kerberos provider leverages **Apache MINA** for front-end services and the **Apache
Directory** read-optimized backing store for persistent directory services.
+
+The Kerberos server for Apache Directory, in conjunction with MINA and the Apache Directory
store, provides an easy-to-use yet fully-featured network authentication service. As implemented
within the Apache Directory, the Kerberos provder will provide:
+
+* Authentication service
+* Ticket-granting service
+* Pre-authentication support
+* DES encryption systems
+* Triple-DES (DES3)
+* UDP and TCP Support (MINA)
+
+



Mime
View raw message