multiple domain authentication scenario
Farzad Kohantorabi
Farzad.Kohantorabi at interfacing.com
Thu Aug 13 17:50:57 EDT 2009
Hello,
I have a web application that negotiates a principal with the user's browsers and then uses Kerberos for authentication. This works fine when there is only one domain. Now I am wondering if this holds water if the user is coming from a different domain than the web server's domain (the web server is not supposed to be a public server so users come in from internal networks). The thing that confuses me is that my server has a keytab for communication with its own KDC, and I am not sure if it is possible to authenticate a user from a different domain with the web server's KDC?
Cheers,
Farzad-
More information about the Kerberos
mailing list