Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 76407 invoked from network); 17 Mar 2005 23:27:47 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 17 Mar 2005 23:27:47 -0000 Received: (qmail 50116 invoked by uid 500); 17 Mar 2005 23:27:35 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 50082 invoked by uid 500); 17 Mar 2005 23:27:35 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 50067 invoked by uid 99); 17 Mar 2005 23:27:34 -0000 X-ASF-Spam-Status: No, hits=0.2 required=10.0 tests=NO_REAL_NAME X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from mr0.sv.mailhost.seagate.com (HELO mr0.sv.mailhost.seagate.com) (192.55.4.52) by apache.org (qpsmtpd/0.28) with ESMTP; Thu, 17 Mar 2005 15:27:32 -0800 Received: from mh1.sv.mailhost.seagate.com (mh1.sv.mailhost.seagate.com [10.5.128.185]) by mr0.sv.mailhost.seagate.com (8.12.10/8.12.10) with ESMTP id j2HNRU85025013 for ; Thu, 17 Mar 2005 23:27:30 GMT Received: from sv-gw1.notes.seagate.com (sv-gw1.stsj.seagate.com [10.26.8.33]) by mh1.sv.mailhost.seagate.com (8.12.10/8.12.10) with ESMTP id j2HNRN6r024578 for ; Thu, 17 Mar 2005 23:27:29 GMT To: users@httpd.apache.org X-Mailer: Lotus Notes Release 6.5.1 January 21, 2004 Message-ID: From: Saqib.N.Ali@seagate.com Date: Thu, 17 Mar 2005 15:27:23 -0800 X-MIMETrack: Serialize by Router on SV-GW1/Seagate Internet(Release 6.5.1|January 21, 2004) at 03/17/2005 03:27:28 PM MIME-Version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: quoted-printable X-Virus-Checked: Checked Subject: [users@httpd] SPNEGO module for Apache X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N I was wondering if anyone has encountered any security concern/issues w= hile implementing Vintela's SPNEGO < http://www.vintela.com/resources/topics/spnego/ >. =A0SPNEGO provides a= single-sign-on in a KERBEROS enabled environment. Basically it allows w= eb applications to automatically authenticate clients who have valid Kerbe= ros credentials. I am planning to install the mod_spnego module on a apache server, that= will enable the client to single-sign-on to our internal application, i= f they are part of our AD. One possible concern is the increase of CSRF type of attacks, but that = is the case with any single-sign-on solution. There is also the mod_spnego available on sourceforge.net any experienc= es with that? Thanks. Saqib Ali http://validate.sf.net= --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org