service that communicates with different KDCs
Thomas LaPorte
Thomas.LaPorte at dreamworks.com
Thu Nov 4 13:37:14 EDT 2010
I would think that as long as each KDC owner publishes it's SRV
records via DNS, your service would be able to communicate with the
appropriate KDC.
- Tom
Thomas A. La Porte
DreamWorks Animation
thomas.laporte at dreamworks.com
On Nov 4, 2010, at 10:20 AM, Ben <benkwint at gmail.com> wrote:
> Hi there,
>
> I was hoping to get some advice here about setting up a service that
> works with kerberos. The problem is that it's a webservice that
> possibly needs to communicate with different KDCs.
> We have a webserver that runs multiple instances of a certain
> webapplication. More then one client would like to communicate with
> this application using Kerberos, now its my first time working with
> kerberos so i'm quite new. Is it possible to allow this application to
> authenticate users from different KDC's.
>
> My main concern is that you need time synchronisation, which is quite
> difficult if multiple clients want to use their own KDC server.
>
> Thanks in advance
More information about the Kerberos
mailing list