Role Based Access Control how-to with Kerberos and JAAS?
Ken Hornstein
kenh at cmf.nrl.navy.mil
Mon Dec 15 01:08:58 EST 2003
> I can successfully use JAAS against a Kerberos KDC to authenticate
>principals, but is there a way to define both users and groups to which
>those users belong in Kerberos such that when a user (bob) authenticates
>successfully, it returns all of the principals for "bob" like "manager,
>user" so that I can set my Java Policy file at a higher level of
>granularity than the individual user. It is not obvious to me how to do
>that with the kerberos admin commands.
I guess my first question is ... what's a Kerberos "group"?
--Ken
More information about the Kerberos
mailing list