Web auth

Sebastian Konstanty Zdrojewski s.zdrojewski at neticon.it
Sat Apr 12 05:18:35 EDT 2003

I was thinking to use this solution. The application will run on a Linux 
box phisically located in a DMZ with an SSL layer installed to prevent 
sending plain text passwords.

Thanks for suggestions, if anybody have some othe guideline, it would be 
really helpful.

Thanks again,


Joey Collins wrote:

>If you want to keep it simple, you can use kinit to get a
>ticket-granting-ticket.  using kinit, you need to supply a username and
>password, this gets packaged up in a KRB5 AP-REQ message to the domain
>controller.  kinit returns success if the username/password pair are
>valid, otherwise, authentication failure.  This scheme is predicated on
>the assumption you have the plaintext username and password, perhaps
>gathered over an ssl connection(https).
>Sebastian Konstanty Zdrojewski wrote:
>>I am new to this mailing list, so please excuse me if I am saying
>>something stupid.
>>I am working on an authentication system for a web application using the
>>Windows NT5 domain controller authentication database. Does anybody
>>already worked on this and can give me a suggestion?
>>Thanks in advance,
>>Sebastian Konstanty Zdrojewski
>>IT Analyst
>>Neticon S.r.l.
>>via Valtellina, 16 - 20159 Milano
>>Tel. +39 02 68.80.731
>>FAX +39
>>Cell. +39 349.33.04.311
>>ICQ # 97334916
>>Web: http://www.neticon.it/
>>E-mail: s.zdrojewski at neticon.it
>>Kerberos mailing list           Kerberos at mit.edu


Sebastian Konstanty Zdrojewski
IT Analyst

Neticon S.r.l.
via Valtellina, 16 - 20159 Milano
Tel. +39 02 68.80.731
FAX +39
Cell. +39 349.33.04.311
ICQ # 97334916
Web: http://www.neticon.it/
E-mail: s.zdrojewski at neticon.it

More information about the Kerberos mailing list