interoperability of Kerberos client and server

Jeffrey Altman jaltman at MIT.EDU
Fri Sep 10 15:02:23 EDT 2004

The appropriate place for this discussion is kerberos at or the 
newsgroup.  The krbdev at mailing list is meant to be used for 
discussion on the
development of the MIT Kerberos implementation.

I am redirecting replies to kerberos at

As a hint: Java JAAS modules do not perform network authentication.  
They are used to obtain
local credentials which may or may not be used in the future input to 
the network authentication
protocol such as GSS-API.  Java provides its own implementation of 
GSS-API Kerberos 5 for use
in communicating with other GSS-API Kerberos 5 compatible clients and 

Jeffrey Altman

Ying Zhao wrote:

>Thanks, Derrick!
>However, as far as my understanding about GSS-API, it is more like a
>peer-to-peer implementation. If I want to stick to (or at most customize
>"" - a JAAS plug-in module,
>is this going to be a potential problem? From the source code, it is a
>NT implementation and I am working on tuning it for UNIX one.
>- Ying

More information about the krbdev mailing list