GSS-API pointers
Rikard Skjelsvik
rskjels at pogostick.net
Tue Apr 27 10:46:56 EDT 2004
Perhaps the following links could help:
Single Sign-on for Your Web Applications with Apache and Kerberos
http://www.onlamp.com/pub/a/onlamp/2003/09/11/kerberos.html
There is also another one at the same site which could be of use:
Adventures with Kerberos, CVS, and GSS-API
http://www.linuxdevcenter.com/pub/a/linux/2003/05/22/cvs_gssapi.html
Richard Gundersen wrote:
> Hi
>
> Sorry if this is the wrong place to ask this question - I'm having
> trouble understanding how to use GSS-API to make my web applications
> secure via Kerberos
>
> For example, if I'm using Tomcat as my app server, would there be a
> GSS-API module (something like mod_ssl for Apache??) that sits in front
> of all network traffic, and only allows traffic through once mutual
> authentication has taken place?
>
> Or would I use GSS-API to securely pass the Subject class from the local
> machine to the server so that JAAS can execute the relevant actions on
> behalf of that user?
>
> Or is it something completely different? I'm struggling here because of
> the complete lack of good documentation for GSS-API on the web. If
> someone could either tell me how far from the truth I am, and/or point
> me in the direction of some good GSS-API resources, I would be ETERNALLY
> grateful.
>
> Thanks
>
> Richard
>
> _________________________________________________________________
> It's fast, it's easy and it's free. Get MSN Messenger today!
> http://www.msn.co.uk/messenger
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
--
Rikard Skjelsvik
More information about the Kerberos
mailing list