Kerberos and HTTP / HTTPS - Could Kerberos tickets be intercepted and misused?
Eichhorn, Thomas
Thomas.Eichhorn at klinikum-nuernberg.de
Tue Aug 23 02:24:02 EDT 2016
Hi,
We use Kerberos for SSO in our local intranet. We followed this tutorial: http://www.grolmsnet.de/kerbtut/
Everything works just fine.
I have a question about security:
Our intranet sites are delivered with HTTP. Can someone intercept the Kerberos ticket and use it for himself?
Thanks in advance
Thomas
________________________________
Klinikum Nürnberg, Sitz: Nürnberg, Amtsgericht Nürnberg -Registergericht- HRA 14190, Vorstand: Dr. Alfred Estelmann
More information about the Kerberos
mailing list