SAML-AAI/Kerberos (re-send)
Douglas E. Engert
deengert at anl.gov
Tue Mar 20 17:40:06 EDT 2012
On 3/20/2012 4:26 PM, Chen Liang wrote:
> Hi all,
>
> I'm doing research in federated single sign-on. I saw the work of rok Papez
> to connecting web and Kerberos single sign-on. The work was presented
> in Terena networking conference (Link:
> http://tnc2009.terena.org/schedule/presentations/showdf6f.html?pres_id=56).
> However,
> I can't find any implementation or any documentation on how to implement
> the issue.
>
> I'm wondering, has anyone attempted to implement work? If so, where can I
> find documentation on it? Any help would be great.
As I said in the previous response, Shibboleth can do this.
The Shibboleth IDP can accept SPNEGO GSSAPI as an authentication method.
Thus you can use a campus Kerberos infrastructure to login into
your site IDP in a larger federation.
https://wiki.shibboleth.net/confluence/display/SHIB2/Kerberos+Login+Handler
Or Google for shibboleth kerberos
For a large federation see: http://www.incommonfederation.org/
>
> The last email has a large attachment. Here is the re-edited version.
>
> Thanks
> Chen
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list