GSS-API pointers
Richard Gundersen
richardgundersen at hotmail.com
Tue Apr 27 04:40:58 EDT 2004
Hi
Sorry if this is the wrong place to ask this question - I'm having trouble
understanding how to use GSS-API to make my web applications secure via
Kerberos
For example, if I'm using Tomcat as my app server, would there be a GSS-API
module (something like mod_ssl for Apache??) that sits in front of all
network traffic, and only allows traffic through once mutual authentication
has taken place?
Or would I use GSS-API to securely pass the Subject class from the local
machine to the server so that JAAS can execute the relevant actions on
behalf of that user?
Or is it something completely different? I'm struggling here because of the
complete lack of good documentation for GSS-API on the web. If someone could
either tell me how far from the truth I am, and/or point me in the direction
of some good GSS-API resources, I would be ETERNALLY grateful.
Thanks
Richard
_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today!
http://www.msn.co.uk/messenger
More information about the Kerberos
mailing list