SAML-AAI/Kerberos (re-send)

Douglas E. Engert deengert at anl.gov
Tue Mar 20 17:40:06 EDT 2012



On 3/20/2012 4:26 PM, Chen Liang wrote:
> Hi all,
>
> I'm doing research in federated single sign-on. I saw the work of rok Papez
> to connecting web and Kerberos single sign-on. The work was presented
> in Terena networking conference (Link:
> http://tnc2009.terena.org/schedule/presentations/showdf6f.html?pres_id=56).
> However,
> I can't find any implementation or any documentation on how to implement
> the issue.
>
> I'm wondering, has anyone attempted to implement work? If so, where can I
> find documentation on it? Any help would be great.

As I said in the previous response, Shibboleth can do this.

The Shibboleth IDP can accept SPNEGO GSSAPI as an authentication method.
Thus you can use a campus Kerberos infrastructure to login into
your site IDP in a larger federation.

https://wiki.shibboleth.net/confluence/display/SHIB2/Kerberos+Login+Handler

Or Google for shibboleth kerberos

For a large federation see: http://www.incommonfederation.org/


>
> The last email has a large attachment. Here is the re-edited version.
>
> Thanks
> Chen
>

-- 

  Douglas E. Engert  <DEEngert at anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444


More information about the Kerberos mailing list