A question on Forward and Proxy tickets.
Rohith K N
rohithkn at hotmail.com
Wed Apr 2 13:55:19 EST 2003
Hi,
I have a question on Kerberos Proxy and forward tickets.
Can a service holding a forwarded ticket get a proxy ticket for another
service or a user?
My understanding of Kerberos 15 days old and I need your comments on this.
This is will be considered as a solution for a service called “Work on
behalf” (Wb). This service should allow user B to work on A’s behalf. B
would have access (on A’s behalf) to some services and not to other.
Proposed solution for this is that A tells Wb that B would login (latest by
time T) and access services X Y and Z on behalf of him. A gets a
forward-able ticket and forwards it to Wb, Wb would get a renewable ticket
and keep on renewing it till B logs on, or till T. When B contacts Wb and
let him know that he wants to work on A’s behalf, Wb would get B proxy
tickets to services (X Y and Z).
Will this soultion work? If so what are the caveats here?
Thanks for your time and response,
Rohith K N
_________________________________________________________________
Find a partner. For life. http://www.shaadi.com/ptnr.php?ptnr=hmlql
Meet at Shaadi.com
More information about the Kerberos
mailing list