You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2005/04/29 01:41:40 UTC

svn commit: r165231 - /directory/protocol-providers/kerberos/trunk/xdocs/index.xml

Author: erodriguez
Date: Thu Apr 28 16:41:39 2005
New Revision: 165231

URL: http://svn.apache.org/viewcvs?rev=165231&view=rev
Log:
Kerberos protocol provider doco updates from spin out of changepw doco.

Modified:
    directory/protocol-providers/kerberos/trunk/xdocs/index.xml

Modified: directory/protocol-providers/kerberos/trunk/xdocs/index.xml
URL: http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/xdocs/index.xml?rev=165231&r1=165230&r2=165231&view=diff
==============================================================================
--- directory/protocol-providers/kerberos/trunk/xdocs/index.xml (original)
+++ directory/protocol-providers/kerberos/trunk/xdocs/index.xml Thu Apr 28 16:41:39 2005
@@ -1,34 +1,45 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<document>
-    <properties>
-        <author email="erodriguez@apache.org">Enrique Rodriguez</author>
-        <title>Overview</title>
-    </properties>
-
-    <body>
-        <section name="Introduction">
-            <p>Apache Kerberos is a Java implementation of the 
-        <a href="http://www.ietf.org/rfc/rfc1510.txt">RFC 1510</a> Kerberos V5 Network Authentication Service.  The purpose of Kerberos is to verify the identities of principals (users or services) on an unprotected network.  While generally thought of as a single-sign-on technology, Kerberos' true strength is in authenticating users without ever sending their password over the network.  Kerberos is designed for use on open (untrusted) networks and, therefore, operates under the assumption that packets traveling along the network can be read, modified, and inserted at will.  <a href="http://www.computerworld.com/computerworld/records/images/pdf/kerberos_chart.pdf">This chart</a> provides a good description of the protocol workflow.</p>
-
-            <p>Kerberos is named for the three-headed dog that guards the gates to Hades.  The three heads are the client, the Kerberos server, and the network service being accessed.</p>
-
-<p>Apache Kerberos is implemented as a protocol plugin for the Apache Directory server.  As a plugin, Kerberos leverages Apache SEDA for front-end services and the Apache Eve read-optimized backing store via JNDI for persistent directory services.</p>
-
-        <p>Apache Kerberos, in conjunction with SEDA and Eve, provides an easy-to-use yet fully-featured network authentication service.  As implemented within Apache Directory, Apache Kerberos will provide:
-            <ul>
-                <li>Authentication service (RFC 1510)</li>
-                <li>Ticket-granting service (RFC 1510)</li>
-                <li>Password-changing service (RFC 3244)</li>
-                <li>JMX remote management (JSR 160, JSR 28)</li>
-                <li>Optional LDAP management (Eve)</li>
-                <li>Standard schema, such as krb5-kdc and the DCE krbsch07 (Eve)</li>
-                <li>UDP and TCP Support (SEDA)</li>
-                <li>Traffic throttling (SEDA)</li>
-                <li>Overload shielding (SEDA)</li>
-                <li>Easy POJO embeddability for containers such as Geronimo, JBoss, and OSGi</li>
-            </ul>
-            </p>
-        </section>
-    </body>
-</document>
-
+<document>
+	<properties>
+		<author email="erodriguez@apache.org">Enrique Rodriguez</author>
+		<title>Overview</title>
+	</properties>
+	<body>
+		<section name="Introduction">
+			<p>Apache Kerberos is a Java implementation of the <a 
+				href="http://www.ietf.org/rfc/rfc1510.txt">RFC 1510</a> Kerberos V5 Network 
+				Authentication Service. The purpose of Kerberos is to verify the identities of 
+				principals (users or services) on an unprotected network. While generally thought 
+				of as a single-sign-on technology, Kerberos' true strength is in authenticating 
+				users without ever sending their password over the network. Kerberos is designed 
+				for use on open (untrusted) networks and, therefore, operates under the assumption 
+				that packets traveling along the network can be read, modified, and inserted at 
+				will. <a 
+				href="http://www.computerworld.com/computerworld/records/images/pdf/kerberos_chart.pdf">This 
+				chart</a> provides a good description of the protocol workflow.</p>
+			<p>Kerberos is named for the three-headed dog that guards the gates to Hades. The three 
+				heads are the client, the Kerberos server, and the network service being 
+				accessed.</p>
+			<p>Apache Kerberos is implemented as a protocol-provider plugin for the Apache 
+				Directory server. As a plugin, Kerberos leverages Apache MINA for front-end 
+				services and the Apache Directory read-optimized backing store via JNDI for 
+				persistent directory services.</p>
+			<p>Apache Kerberos, in conjunction with MINA and the Apache Directory, provides an 
+				easy-to-use yet fully-featured network authentication service. As implemented 
+				within the Apache Directory, Apache Kerberos will provide:</p>
+			<ul>
+				<li>Authentication service (RFC 1510)</li>
+				<li>Ticket-granting service (RFC 1510)</li>
+				<li>Pre-authentication support (RFC 1510)</li>
+				<li>DES encryption systems (RFC 1510)</li>
+				<li>Triple-DES (DES3) encryption systems</li>
+				<li>JMX remote management (JSR 160, JSR 28)</li>
+				<li>Optional LDAP management</li>
+				<li>UDP and TCP Support (MINA)</li>
+				<li>Traffic throttling (MINA)</li>
+				<li>Overload shielding (MINA)</li>
+				<li>Easy POJO embeddability for containers such as Geronimo, JBoss, and OSGi</li>
+			</ul>
+		</section>
+	</body>
+</document>