[14939] in Kerberos
Re: kerborising web applications
daemon@ATHENA.MIT.EDU (Joe)
Thu Aug 2 18:56:39 2001
From: "Joe" <Joe@false-email.com>
Date: Fri, 3 Aug 2001 00:42:28 +0200
Message-ID: <3b69d909.0@news1.mweb.co.za>
To: kerberos@MIT.EDU
If you dont mind doing a system in VB, you should look at this
http://www.kewlstuff.co.za/
This library assumes you know the basic concepts of kerberos and security
and it just gives you the tools to set it up yourself.
Its not going to be standard but frankly who cares if its a closed system.
You would do something like this.
The browser will (using Java component) talk to your ticket issuing server
(IIS to VB servlet), and then to the service (IIS to VB servlet) itself.
Because this is all just web based if you wanted to redirect via SSL from
one server to some other server, I guess it could be done. You just write
whatever servers you want behind a normal WEB server using the cryptography
tools.
A little extra work but you can do anything. It comes with a simple example.
""don disco"" <kerberoz@rediffmail.com> wrote in message
news:20010723083529.16747.qmail@mailFA4.rediffmail.com...
> Can i use kerberos to implement security in a web application i.e. can i
make only authenticated users access web pages in the web application ,also
can i bring about authorisation in the application i.e can have a role based
access for pages in the application?
> If yes what will my kerborised client/service be?
> If no what are the options i have?
> don
>
> ____________________________________________________
> http://www.monsterindia.com - The Best Jobs. For the Best Minds.
>
