kerberos vs ldap
Danny Mayer
mayer at ntp.isc.org
Sun Mar 30 21:56:27 EDT 2008
Donn Cave wrote:
>> LDAP has nothing whatsoever to do with authorization. It's a data
>> storage and retrieval mechanism. If you choose to use it for
>> authorization that's up to you.
>
> Taken out of context, that's true, but conversations
> like this can be awfully tedious if we have to drag
> around explicit context. Give us a break, OK? How
> would you explain the relation between LDAP vs. Kerberos?
Not at all. I've done authentication with both LDAP and Kerberos. Each
has different goals. LDAP is not an authorization protocol either though
it can be used that way. You can also use database tables to do
authorization. These are just different implementation strategies. I've
used both. The choices that need to be made depend on both your goals
and your architecture.
Danny
> Donn Cave, donn at u.washington.edu
More information about the Kerberos
mailing list