service that communicates with different KDCs

Ben benkwint at gmail.com
Thu Nov 4 06:53:44 EDT 2010


Hi there,

I was hoping to get some advice here about setting up a service that
works with kerberos. The problem is that it's a webservice that
possibly needs to communicate with different KDCs.
We have a webserver that runs multiple instances of a certain
webapplication. More then one client would like to communicate with
this application using Kerberos, now its my first time working with
kerberos so i'm quite new. Is it possible to allow this application to
authenticate users from different KDC's.

My main concern is that you need time synchronisation, which is quite
difficult if multiple clients want to use their own KDC server.

Thanks in advance.



More information about the Kerberos mailing list