Kerberos for authentication, php for authorization
Michael B Allen
mba2000 at ioplex.com
Fri Jun 8 13:58:46 EDT 2007
On Fri, 8 Jun 2007 18:14:38 +0100
Simon Wilkinson <simon at sxw.org.uk> wrote:
> Aside: If you're using a single, general purpose, keytab you almost
> certainly _don't_ want the GSS_C_NO_CREDENTIAL behaviour - you want
> to be sure that your ssh service will only accept 'host/' principals,
> for example.
Ahh, ok. But why is using GSS_C_NO_CREDENTIAL a problem exactly? If the
key is good the key is good no?
Mike
--
Michael B Allen
PHP Active Directory Kerberos SSO
http://www.ioplex.com/
More information about the Kerberos
mailing list