Hi, Directory developers,
As part of documenting practical uses of Apache Directory for Kerberos
authentication, I got Kerberos authentication to a Wicket web app
working. This uses the "SPNEGO+GSS-API+Kerberos V5" scheme
popularized by IE and now well-supported in Firefox. I used the jGSS
code in JDK 1.5, so this was a pretty quick 80-lines of code to glue
Negotiate processing to Wicket. The "three-headed" Kerberos setup I
tested was (1) Firefox 2 and IE 7 (2) Wicket app (3) and Apache
I wanted to check where the best home for this code is. I followed
the layout of the "signin" and "signin2" apps in Wicket Examples, so
one possibility is a contribution to Wicket. But, 90% of the
difficulty is in the configuration of Kerberos, so I think it makes
the most sense to maintain at Directory. The code is commented and
ready to commit. I would do a Confluence page to detail, from
scratch, how to set this up.
Any objections to my committing this to Directory?