directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kai Zheng (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRKRB-280) Kadmin tool will be authenticated first before any real operation
Date Thu, 16 Jul 2015 06:28:05 GMT

    [ https://issues.apache.org/jira/browse/DIRKRB-280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14629279#comment-14629279
] 

Kai Zheng commented on DIRKRB-280:
----------------------------------

The change looks good to me, thanks Jiajia.

> Kadmin tool will be authenticated first before any real operation
> -----------------------------------------------------------------
>
>                 Key: DIRKRB-280
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-280
>             Project: Directory Kerberos
>          Issue Type: Sub-task
>            Reporter: Kai Zheng
>            Assignee: Jiajia Li
>             Fix For: 1.0.0-RC1
>
>         Attachments: DIRKRB-280-v1.patch, DIRKRB-280-v2.patch
>
>
> Currently a local mode kadmin tool for Kerby KDC is almost ready equipped with basic
functionalities. The mode requires it should be launched in the KDC server host. This is to
move on and enforce necessary authentication for it. The kadmin@KDC-REALM principal will be
used to perform the authentication. To be simple, once its credential (password, or keytab)
is validated by an AS-REQ returning a tgt, the authentication is passed. No GSSAPI or TGS-REQ/AP-REQ
will be involved.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message