directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marc Boorshtein" <mboorsht...@gmail.com>
Subject Re: OT kerberos, iwa and proxys
Date Fri, 01 Jun 2007 23:06:48 GMT
Thanks

What I'm actually doing is trying to proxy the ticket as part of an
http request/response but I thought I had heard that kerberos tickets
could not be proxied unchanged.  It sounds like that's not the case.
Ill read those links.

Thanks!
Marc

On 6/1/07, Emmanuel Lecharny <elecharny@apache.org> wrote:
> Marc Boorshtein a écrit :
>
> > All,
>
> Hi Marc,
>
> >
> > I've got an kerberos question when cobined with integrated windows
> > authentication.  Can the process of authenticating the user to an iis
> > server be proxied succesfully?
>
> so far, I think you just need to enable SPNEGO on you browser to do so
> (http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_SPNEGO_config_web.html
> <http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_SPNEGO_config_web.html>)
>
> Of couse, this will be helpfull if you are just using a browser...
> Otherwise, your application will have to implement SPNEGO. FYI, we have
> written a java codec for this protocol, but it has been sandboxed...
> Just tell us if you want it to be ressucitated.
>
>
> Emmanuel.
>
> >
> > Thanks for any input.
> >
> > Marc
> >
> >
> > On 6/1/07, Alex Karasulu <akarasulu@apache.org> wrote:
> >
> >> On 6/1/07, Emmanuel Lecharny <elecharny@gmail.com> wrote:
> >>
> >> SNIP
> >>
> >> BasicAttributes to a more ldap compliant BasicAttributesImpl...)
> >>
> >>
> >> What about renaming  BasicAttributesImpl to just LdapAttributes?  Of
> >> course
> >> not in the 1.0 branch which would break backwards compatibility of
> >> partitions but in the 1.5 branch?  Guess really it's the 0.9.6 branch of
> >> shared for 1.5 of ApacheDS.
> >>
> >> Anyway this would be clearer no?
> >>
> >> Alex
> >>
> >
>
>

Mime
View raw message