apache & Kerberos

Tim Alsop Tim.Alsop at CyberSafe.Ltd.UK
Fri Aug 1 13:09:10 EDT 2003


There is support in IE for Kerberos using SSPI and we utilise that if required, however we also have a client/workstation component with our product that acts as a local proxy and therefore intercepts communications between client workstation and web or proxy servers on the network. Since the local proxy is able to access user credentials cache it is able to use GSSAPI to setup a security context with the web/proxy server when it receives a 401 response indicating authentication is required.

The local proxy approach can therefore support any browser such as IE, Netscape, Mozilla, Opera etc.

Cheers, Tim. 

-----Original Message-----
From: Andreas [mailto:andreas at conectiva.com.br] 
Sent: 01 August 2003 18:05
To: Tim Alsop
Cc: Subu Ayyagari; kerberos at mit.edu
Subject: Re: apache & Kerberos

On Fri, Aug 01, 2003 at 03:46:46PM +0100, Tim Alsop wrote:
> context. The approach our WebAccess product uses and the one 
> referenced by Jeremy and developed with Heimdal libraries uses 
> Kerberos and GSSAPI to establish a security context between the 
> browser and the Web server and hence

Which type of browser has GSSAPI support? Or do you patch, say, mozilla as well?

More information about the Kerberos mailing list