Kerberising applications on linux
S Krithika
skrithika at novell.com
Thu Sep 1 11:31:12 EDT 2005
Hi,
I'm interested in understanding what interfaces are available to
Kerberise a linux FTP server. There are two sections, basically
authentication and authorisation that we should be focusing on right?
a. Authentication - We can use kerberos authentication - That is FTP
server will accept the kerberos ticket and authenticate the user. For
this GSS APIs can be used to accept_context and process further data.
b. The second step is to Authorise. - We need to use the authentication
information obtained from kerberos and refer to a directory ( a database
that has the user rights, access, etc..) for authorisation. OpenLDAP can
be used to access the database, but how do I provide the authentication
information from kerberos to OpenLDAP?
Can someone give me pointers on what interfaces I need to use to
accomplish this? I'm lost with GSSAPIs, SASL APIs, PAM Kerberos, etc..
What is the best way to implement authentication and authorisation on a
kerberised environment?
Thanks,
Krithika.
More information about the krbdev
mailing list