using kerberos to authenticate for a web api
Chris Hecker
checker at d6.com
Tue Nov 5 02:22:40 EST 2013
I use kerberos for my authn system, including direct krb5 calls from my
game, CoSign for webpage SSO, etc. At some point, I'd like to make the
metrics from my game available in a web API, and I'd like to
authenticate these API users with the same kerberos system. What's the
best way to do this? Most APIs are authenticated with OAuth these days,
but I don't see any turnkey hookup for Kerberos and OAuth. I found this
old thing:
http://tools.ietf.org/id/draft-hardjono-oauth-kerberos-01.txt
There's mod_auth_kerb, but it hasn't been updated in a long time (maybe
it just works?), and it would require me to have API clients deal with
SPNEGO.
Any advice here?
Thanks,
Chris
More information about the Kerberos
mailing list