From commits-return-35986-apmail-directory-commits-archive=directory.apache.org@directory.apache.org Thu Feb 7 18:15:47 2013 Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D8C73E075 for ; Thu, 7 Feb 2013 18:15:46 +0000 (UTC) Received: (qmail 98812 invoked by uid 500); 7 Feb 2013 18:15:46 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 98759 invoked by uid 500); 7 Feb 2013 18:15:46 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 98752 invoked by uid 99); 7 Feb 2013 18:15:46 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Feb 2013 18:15:46 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Feb 2013 18:15:42 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id A4B9A23888E7 for ; Thu, 7 Feb 2013 18:15:22 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r849791 - in /websites/staging/directory/trunk/content: ./ apacheds/kerberos-ug/1.1.1-realms.html apacheds/kerberos-ug/1.1.2-principals.html apacheds/kerberos-user-guide.html Date: Thu, 07 Feb 2013 18:15:22 -0000 To: commits@directory.apache.org From: buildbot@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130207181522.A4B9A23888E7@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: buildbot Date: Thu Feb 7 18:15:22 2013 New Revision: 849791 Log: Staging update by buildbot for directory Added: websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html Modified: websites/staging/directory/trunk/content/ (props changed) websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html websites/staging/directory/trunk/content/apacheds/kerberos-user-guide.html Propchange: websites/staging/directory/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Thu Feb 7 18:15:22 2013 @@ -1 +1 @@ -1443620 +1443639 Modified: websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html (original) +++ websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html Thu Feb 7 18:15:22 2013 @@ -130,7 +130,7 @@
@@ -175,7 +175,7 @@ ads-krbprimaryrealm: EXAMPLE.COM
Added: websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html (added) +++ websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html Thu Feb 7 18:15:22 2013 @@ -0,0 +1,201 @@ + + + + + 1.1.2 - Principals — Apache Directory + + + + + + + + + + + + +
+ +
+
+ + + +
+
+ + + + + +

Principals

+

The Kerberos Principal is any entity to which the server can assign a Ticket. Typically, we can think of three kinds of Principals :

+
* Users
+* Services
+* hosts
+
+ + +

Each Principal is unique in the Kerberos database. This is the way we identify the entity.

+

A Kerberos Principal is a combinaison of three parts :

+
* the name (the primary)
+* an optional instance
+* the realm they are associated with
+
+ + +

The optional instance is used to provide more than one role to an entity, without having to create N Principal for a single user (an administrator is also a normal user, and it's good to qualify the user by adding his admin qualificiation in one Principal to create a new and easy to remember Principal)

+

The Principal syntax is the following :

+
<primary> ['/' <instance>]* '@' <realm>
+
+ + +

+For hosts, we use "host" as a primary, and the instances are the hostnames. +

+

Those are examples of valid Principals

+
john@APACHE.ORG
+john/admin@APACHE.ORG
+host/www.apache.org/apache.org@APACHE.ORG
+ldap/www.apache.org@APACHE.ORG
+
+ + + + + +
+
+
+ +
+ + \ No newline at end of file Modified: websites/staging/directory/trunk/content/apacheds/kerberos-user-guide.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/kerberos-user-guide.html (original) +++ websites/staging/directory/trunk/content/apacheds/kerberos-user-guide.html Thu Feb 7 18:15:22 2013 @@ -127,7 +127,7 @@
  • 1 - What is Kerberos