Hi Aaron,
     thanks for the information,  it is an excelent introduction to Kerberos/Java LoginModule, but I think that at the windows KDC site there are a lot of tasks to do to integrate a Java proccess (J2EE)  and Win KDC for example how to create a Kerberos SPN. Maybe in 3 week I will try to configure Kerberos with Geronimo.
 
Thanks.


Aaron Mulder <ammulder@alumni.princeton.edu> escribió:
Here's an article on Sun's Kerberos login module, for what it's worth:

http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/single-signon.html

Aaron

On 1/5/06, Aaron Mulder wrote:
> On 1/5/06, Cristian Roldan wrote:
> > Does Geronimo support Kerberos ?
> > How can I configure Geronimo to autheticate users using a Windows KDC ?
>
> My understanding is that Geronimo can use Sun's Kerberos LoginModule
> to authenticate clients based on who's logged in to the client PC.
> I'm not totally sure there aren't security issues with this approach
> since the server is essentially trusting the client to report the
> correct user, but I believe it has actually been tested and works. I
> think Alan's the one who really worked all this out so I hope he can
> chime in.
>
> If you want to try this I can walk you through setting up the security
> realm and point you at Sun's documentation for the options that can be
> passed to their LoginModule, but I don't have a full understanding of
> what all the options should be set to.
>
> Thanks,
> Aaron
>


1GB gratis, Antivirus y Antispam
Correo Yahoo!, el mejor correo web del mundo
Abrí tu cuenta aquí