Portability, RPC and kerberos v5?
Rob J Meijer
rmeijer at xs4all.nl
Thu Oct 7 09:57:13 EDT 2004
I'm currently working on the design of an authorisation system. For authentication, making use of kerberos v5
seems the most suitable. I need the processes make authenticated RPC requests to a set of authorisation and
capability broking servers. The problem I am having is that my 2 main specs seem to give me a bit
of a problem to combine:
* I need to use portable IPC/RPC (Solaris,Linux,*BSD,AIX,True64,OS-X,Win2000)
* I need to use Kerberos v5 authentication.
I've seen that the Kerberos v4 authentication is seeminly quite wide spread in all Sun-RPC implementations,
and on my solaris system there apears to be some aditional authentication define that seems to give a hook
to something called GSS, where in the header files there seems to be reference to kerberos v5, but as this
define does not seem to be pressent in the rpc header files on either FreeBSD or Linux, I think this might
not be quite portable.
Am I right? Or should I use sun-rpc with this gss stuf as defined in the rpc header files on solaris?
It is not so important that the code I now use is portable, as it is that the communication is portable,
if I need to use an other API on solaris than on Linux, BSD and yet an other on win2000, that would be an obsacle I
could overcome. If however the Linux client library or the win2000 client library was unable to comunicate and
authenticate to the authorisation server running on Solaris, this would be a problem.
Any pointers would be apriciated. I need portable kerberos 5 authenticated RPC that is portable between
Solaris,Linux,*BSD,AIX,True64,OS-X and Win2000, am I looking in the right direction, or is this just plain
Rob J Meijer
More information about the Kerberos