Kerberos http authentication
Joel D. Kraft
jdk6 at po.cwru.edu
Mon Feb 11 11:19:05 EST 2002
"Donn Cave" <donn at u.washington.edu> wrote in message
news:a3p7uh$2a5g$1 at nntp6.u.washington.edu...
> Quoth bbense at networking.stanford.edu ("Booker C. Bense"):
>|>- The proxy method: a web server that acts as the kerberos proxy and
holds
>|> the tickets, and then hands out cookies or certificates to the browsers
>
> Only inasmuch as the Kerberos authentication server can be used to
> validate passwords. The proxy, if that's the right term, can get
> a Kerberos ticket, and throw it away. The browser's host doesn't
> ever see any of that, Kerberos credentials there are irrelevant.
> The question would be not how well it integrates, rather what it
> means to integrate - if you want a Kerberos application, it isn't,
> but if you only want it to work at a site that has only Kerberos
> passwords, it does. The rest is about cookies.
>
Does anyone know of anything that will perform this function under
IIS? We have an existing system with our own session management
already set up. Currently most of the authentication takes place
against a database... but we want to add kerberos to that.
I'm only looking for authentication of username and password, so
this situation where the server simply tries to obtain the tickets
and discards them is perfect. Something ActiveX would be a godsend.
Thanks!
Joel
Joel D. Kraft
Assistant Director of Housing
--
------------------------------------------------------------------------
housing at po.cwru.edu | Case Western Reserve University
Phone 216-368-3780 | Department of Housing & Residence Life
FAX 216-368-6658 | http://housing.cwru.edu/
------------------------------------------------------------------------
More information about the Kerberos
mailing list