SAML-AAI/Kerberos (re-send)
Thomas Hardjono
hardjono at MIT.EDU
Wed Mar 21 10:27:03 EDT 2012
Hi Chen Liang,
Related to this, OASIS should soon be publishing a spec on Kerberos Web Browser SSO using SAML.
When it comes out, I will forward it to this list.
/thomas/
________________________________________
From: kerberos-bounces at MIT.EDU [kerberos-bounces at MIT.EDU] on behalf of Douglas E. Engert [deengert at anl.gov]
Sent: Tuesday, March 20, 2012 5:40 PM
To: kerberos at mit.edu
Subject: Re: SAML-AAI/Kerberos (re-send)
On 3/20/2012 4:26 PM, Chen Liang wrote:
> Hi all,
>
> I'm doing research in federated single sign-on. I saw the work of rok Papez
> to connecting web and Kerberos single sign-on. The work was presented
> in Terena networking conference (Link:
> http://tnc2009.terena.org/schedule/presentations/showdf6f.html?pres_id=56).
> However,
> I can't find any implementation or any documentation on how to implement
> the issue.
>
> I'm wondering, has anyone attempted to implement work? If so, where can I
> find documentation on it? Any help would be great.
As I said in the previous response, Shibboleth can do this.
The Shibboleth IDP can accept SPNEGO GSSAPI as an authentication method.
Thus you can use a campus Kerberos infrastructure to login into
your site IDP in a larger federation.
https://wiki.shibboleth.net/confluence/display/SHIB2/Kerberos+Login+Handler
Or Google for shibboleth kerberos
For a large federation see: http://www.incommonfederation.org/
>
> The last email has a large attachment. Here is the re-edited version.
>
> Thanks
> Chen
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
________________________________________________
Kerberos mailing list Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list