directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Re: Ideas Wanted: NTLMv2, Kerberos, JAAS, ...
Date Fri, 27 Jun 2008 06:28:41 GMT
Michael B Allen wrote:
> Hi,
> I'm working on implementing Kerberos 5 and NTLMv2 for an open source
> CIFS client. Being a Windows / Java solution it seems to me we're distant
> cousins.
> I'm going to be doing classes for NTLM credentials and principals,
> JAAS integration and utility classes, possibly some JNDI to do "site"
> based SRV lookups (to set - gotta love all that
> LoginModule configuration BS), ... etc.
> Is everyone on-board with Java's Subject based security code? I'm not
> yet convinced but so far I'm playing along.
We already have NTLM and Kerberos implemented :
For Kerberos, we have some doc somewhere on the same place, but I don't 
have access to http right now, so you will have to dig the site by 
yourslef, or wait a few hours so I reach office ...

> Do you guys have or want NTLMv2, Kerberos, SPNEGO, NTLMSSP, ...? If so,
> I'm interested in hearing opinions about how to "properly" implement
> such things to maximize cross-pollination.
We also have a SPNEGO codec in sandbox, but it needs to be leveraged.
> Is anyone aware of other projects doing this sort of stuff?
> In general I'm interested in hearing about anything wrt the above that
> has worked well for you (or what to watch out for). I've been doing C
> for a while and I want to know where Java's at with this stuff.
I think there is room for improvement in the way we handle those kind of 
stuff. And I think we also need people to help us to improve these 
implementations. Is there a better way than collaborating ?

cordialement, regards,
Emmanuel L├ęcharny

View raw message