geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Mulder <ammul...@alumni.princeton.edu>
Subject Re: Geronimo and Kerberos
Date Thu, 05 Jan 2006 20:55:25 GMT
Here's an article on Sun's Kerberos login module, for what it's worth:

http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/single-signon.html

Aaron

On 1/5/06, Aaron Mulder <ammulder@alumni.princeton.edu> wrote:
> On 1/5/06, Cristian Roldan <roldancer@yahoo.com.ar> wrote:
> >         Does Geronimo support Kerberos ?
> > How can I configure Geronimo to autheticate users using a Windows KDC ?
>
> My understanding is that Geronimo can use Sun's Kerberos LoginModule
> to authenticate clients based on who's logged in to the client PC.
> I'm not totally sure there aren't security issues with this approach
> since the server is essentially trusting the client to report the
> correct user, but I believe it has actually been tested and works.  I
> think Alan's the one who really worked all this out so I hope he can
> chime in.
>
> If you want to try this I can walk you through setting up the security
> realm and point you at Sun's documentation for the options that can be
> passed to their LoginModule, but I don't have a full understanding of
> what all the options should be set to.
>
> Thanks,
>     Aaron
>

Mime
View raw message