[14709] in Kerberos
kerberos for web applications
daemon@ATHENA.MIT.EDU (don disco)
Tue Jul 24 00:15:19 2001
Date: 24 Jul 2001 04:17:45 -0000
Message-ID: <20010724041745.18543.qmail@mailFA3.rediffmail.com>
MIME-Version: 1.0
To: "raeburn@mit.edu" <raeburn@mit.edu>
CC: "kerberos@mit.edu" <kerberos@mit.edu>
From: "don disco" <kerberoz@rediffmail.com>
Content-ID: <Tue_Jul_24_09_47_45_IST_2001_0@mailFA3.rediffmail.com>
Content-type: text/plain
Content-Description: Body
Content-Transfer-Encoding: 7bit
Can i use kerberos to implement security in a web application i.e. can i make only authenticated users access web pages in the web application ,also can i bring about authorisation in the application i.e can have a role based access for pages in the application?
If yes what will my kerborised client/service be?
If no what are the options i have?
don
------------- Original Message --------------
Ken Raeburn <raeburn@mit.edu> wrote:
To:"don disco" <kerberoz@rediffmail.com>
From:Ken Raeburn <raeburn@mit.edu>
Date:20 Jul 2001 19:02:18 -0400
Subject: Re: testing kerberoz with telnet
> I have query though,can i have kerboroz authenticate users(principals)
> who are say in an ldap database?i.e instead of adding each user as a
> prinicipal to the kerberos databse can i add(userid and password) them
> to an ldap database and get them authenticated thru kerberoz.
The MIT KDC doesn't support having database entries anywhere other
than in its own database. IBM has looked into using LDAP to access
the Kerberos database, but I don't know the specifics. (In
particular, I don't know if their KDC is modified to use the LDAP
interface or if it accesses the database directly.)
Ken
____________________________________________________
http://www.monsterindia.com - The Best Jobs. For the Best Minds.
