geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cristian Roldan <roldan...@yahoo.com.ar>
Subject Re: Geronimo and Kerberos
Date Thu, 05 Jan 2006 21:31:10 GMT
Hi Aaron,
       thanks for the information,  it is an excelent introduction to Kerberos/Java LoginModule,
but I think that at the windows KDC site there are a lot of tasks to do to integrate a Java
proccess (J2EE)  and Win KDC for example how to create a Kerberos SPN. Maybe in 3 week I will
try to configure Kerberos with Geronimo.
   
  Thanks.
  

Aaron Mulder <ammulder@alumni.princeton.edu> escribió:
  Here's an article on Sun's Kerberos login module, for what it's worth:

http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/single-signon.html

Aaron

On 1/5/06, Aaron Mulder wrote:
> On 1/5/06, Cristian Roldan wrote:
> > Does Geronimo support Kerberos ?
> > How can I configure Geronimo to autheticate users using a Windows KDC ?
>
> My understanding is that Geronimo can use Sun's Kerberos LoginModule
> to authenticate clients based on who's logged in to the client PC.
> I'm not totally sure there aren't security issues with this approach
> since the server is essentially trusting the client to report the
> correct user, but I believe it has actually been tested and works. I
> think Alan's the one who really worked all this out so I hope he can
> chime in.
>
> If you want to try this I can walk you through setting up the security
> realm and point you at Sun's documentation for the options that can be
> passed to their LoginModule, but I don't have a full understanding of
> what all the options should be set to.
>
> Thanks,
> Aaron
>
  


		
---------------------------------
 1GB gratis, Antivirus y Antispam
 Correo Yahoo!, el mejor correo web del mundo
 Abrí tu cuenta aquí
Mime
View raw message