You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Marc Boorshtein <mb...@gmail.com> on 2008/04/18 03:27:04 UTC
[Kerberos] Client and server libraries?
ApacheDSers,
I'm looking to implement Kerberos for JLDAP (for MyVirtualDirectory). I've
got JNDI's Kerberos support working, but I don't like it all that much and
would like to integrate Kerberos into JLDAP. I know you guys have
implemented a server side library, do you guys have a client side kerberos
implementation?
Thanks
Marc
Re: [Kerberos] Client and server libraries?
Posted by Marc Boorshtein <mb...@gmail.com>.
> There is a client implementation, but the focus was on getting the
> minimum working to support integration tests of our own server and the
> JAAS Kerberos client was too rigid in it's configuration. I'm sure as
All I really need is authentication, so this looks perfect. Out of
curiosity, anyone try this with Active Directory?
>
> soon as you tried it you'd find it was missing features you needed.
> But, it does do basic ticket acquisition and it allows us to test
> GSSAPI/Kerberos authentication to our own LDAP impl as well as
> integration-test our Change Password client, too.
Perfect. I took a look at the test class and this looks perfect. I'll test
it against AD so lets see what happens.
Thanks
Marc
>
>
> Enrique
>
Re: [Kerberos] Client and server libraries?
Posted by Enrique Rodriguez <en...@gmail.com>.
On Thu, Apr 17, 2008 at 6:27 PM, Marc Boorshtein <mb...@gmail.com> wrote:
> ApacheDSers,
>
> I'm looking to implement Kerberos for JLDAP (for MyVirtualDirectory). I've
> got JNDI's Kerberos support working, but I don't like it all that much and
> would like to integrate Kerberos into JLDAP. I know you guys have
> implemented a server side library, do you guys have a client side kerberos
> implementation?
There is a client implementation, but the focus was on getting the
minimum working to support integration tests of our own server and the
JAAS Kerberos client was too rigid in it's configuration. I'm sure as
soon as you tried it you'd find it was missing features you needed.
But, it does do basic ticket acquisition and it allows us to test
GSSAPI/Kerberos authentication to our own LDAP impl as well as
integration-test our Change Password client, too.
Enrique