You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Jiajia Li (JIRA)" <ji...@apache.org> on 2015/07/15 09:46:04 UTC

[jira] [Updated] (DIRKRB-280) Kadmin tool will be authenticated first before any real operation

     [ https://issues.apache.org/jira/browse/DIRKRB-280?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jiajia Li updated DIRKRB-280:
-----------------------------
    Attachment: DIRKRB-280-v1.patch

Add the JAAS authentication before the basic functionalities of kadmin tool with the credential cache. Please help to review and give some advises, thanks.

> Kadmin tool will be authenticated first before any real operation
> -----------------------------------------------------------------
>
>                 Key: DIRKRB-280
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-280
>             Project: Directory Kerberos
>          Issue Type: Sub-task
>            Reporter: Kai Zheng
>             Fix For: 1.0.0-RC1
>
>         Attachments: DIRKRB-280-v1.patch
>
>
> Currently a local mode kadmin tool for Kerby KDC is almost ready equipped with basic functionalities. The mode requires it should be launched in the KDC server host. This is to move on and enforce necessary authentication for it. The kadmin@KDC-REALM principal will be used to perform the authentication. To be simple, once its credential (password, or keytab) is validated by an AS-REQ returning a tgt, the authentication is passed. No GSSAPI or TGS-REQ/AP-REQ will be involved.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)