kerberos programming and ldap

melissa_benkyo wyl_lyf at yahoo.com
Mon Apr 12 17:40:27 EDT 2004


Hi brian,

thanks for the info. I guess, I'm looking for a way not to use cyrus
if possible cause I'm not sure how to use it with SEAM? :D I'm going
to be using the native SEAM on solaris. Do I need to install it again
if I were to enable it to use cyrus? There are actually more parts
involved like SEAM, iplanet, and cyrus. I don't know how to make
iplanet use cyrus and SEAM?

any inputs are much appreciated. thanks for the help, guys.

making my life complicated, 
melissa :D



bdavids1 at gmu.edu (Brian Davidson) wrote in message news:<82570D7F-8CA8-11D8-8346-000393CCB774 at gmu.edu>...
> On Apr 12, 2004, at 9:38 AM, melissa_benkyo wrote:
> 
> > hello!!! thanks for the resposnse I was hoping not to use SASL since
> > this means that it is a third party software. I was planning on using
> > the native protocols available to the OS such as the ldap and the
> > kerberos. Do u know how to use the kerberos with ldap? so is it not
> > possible now to use kerberos directly with ldap since this is a LDAP
> > v3?
> >
> > thanks so much for the help. :)
> 
> Melissa,
> 
> For ease of deployment, and future-proofing what you are trying to do, 
> I suspect you will find that SASL is actually a better route to go.  
> Non-SASL kerberos authentication support in LDAP clients is rare -- I'm 
> not aware of any clients that support it.  But, there are a lot of LDAP 
> clients which do support kerberos authentication via SASL.
> 
> You could modify OpenLDAP to directly support kerberos (instead of via 
> SASL), but why re-invent the wheel?  A nice standards based way to do 
> what you're trying to do already exists.  You could get cyrus-sasl, or 
> something similar, up and running in less time than it would take you 
> to develop a customized, non-standard ldap client, server and library.
> 
> Brian Davidson
> George Mason University
> 
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos


More information about the Kerberos mailing list