Kerberos Administration Protocol
Marcus Watts
mdw at umich.edu
Tue Jun 2 12:03:08 EDT 2009
> Date: Tue, 02 Jun 2009 15:28:32 +0200
> To: kerberos at mit.edu
> From: "max at mascanc.net" <max at mascanc.net>
> Subject: Kerberos Administration Protocol
>
> Hi,
>
> I'm looking for an open source Java implementation for the Kerberos
> administration protocol, for changing password, getprinc,
> delete_principal and so on. The main goals for kadmin, for
> the MIT implementation.
>
> Are there any libraries?
>
> If no, I would try to do an adHoc implementation. Are there
> documents? The only draft that I can see is
>
> http://tools.ietf.org/html/draft-ietf-cat-kerb-chg-password-00
>
> Thanks,
>
>
> Massimiliano
As it happens, I do have something that might be the start at this.
It could stand a bit more "polishing" before being released,
and at the moment, it's not on our priority list. If this is
something of interest to you, we should certainly talk.
You won't be at afsbpw 2009, by any chance?
What I have does:
chpass
chrand
createpolicy
create
deletepolicy
deleteprinc
getpolicies
getpolicy
getprinc
getprincs
modifypolicy
modifyprincipal
renameprinc
setkeyprincipal
It's mostly java code, including most of the xdr to implement
the above. Some basic stuff is in C / JNI - including gssapi
proper. At one point I thought I had located a suitable open source
java implementation of sun rpc - I hope it still exists.
Implementing rpcsec-gss on top of it may not be simple.
-Marcus Watts
More information about the Kerberos
mailing list