[EXTERNAL] using kerberos to authenticate for a web api
Nebergall, Christopher
cneberg at sandia.gov
Tue Nov 5 11:00:05 EST 2013
mod_auth_kerb works, most of the updates nowadays come from Redhat and others within a specific linux distro. So you can install using your distro specific package manager. I believe redhat puts their patches in the srpms if want to compile their latest for a different platform.
>>and it would require me to have API clients deal with SPNEGO.
It validates Kerberos passwords ie, basic auth, and regular Kerberos GSSAPI, and SPNEGO GSSAPI.
-Christopher
-----Original Message-----
From: kerberos-bounces at mit.edu [mailto:kerberos-bounces at mit.edu] On Behalf Of Chris Hecker
Sent: Tuesday, November 05, 2013 1:23 AM
To: kerberos at mit.edu
Subject: [EXTERNAL] using kerberos to authenticate for a web api
I use kerberos for my authn system, including direct krb5 calls from my
game, CoSign for webpage SSO, etc. At some point, I'd like to make the
metrics from my game available in a web API, and I'd like to
authenticate these API users with the same kerberos system. What's the
best way to do this? Most APIs are authenticated with OAuth these days,
but I don't see any turnkey hookup for Kerberos and OAuth. I found this
old thing:
http://tools.ietf.org/id/draft-hardjono-oauth-kerberos-01.txt
There's mod_auth_kerb, but it hasn't been updated in a long time (maybe
it just works?), and it would require me to have API clients deal with
SPNEGO.
Any advice here?
Thanks,
Chris
________________________________________________
Kerberos mailing list Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list