You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by Mike Bonnet <mi...@redhat.com> on 2006/11/20 17:36:09 UTC
Kerberos authentication
Does anyone have tips or example code for enabling Kerberos
authentication, using either the C++ or Java brokers?
Thanks,
Mike
Re: Kerberos authentication
Posted by Robert Greig <ro...@gmail.com>.
On 20/11/06, John O'Hara <jo...@gmail.com> wrote:
> We should get onto that one.
> RG probably has some pointers.
Yes the Java broker and client should relatively support Kerberos
using our SASL support. I will send some detailed information later
today/early tomorow.
RG
Re: Kerberos authentication
Posted by John O'Hara <jo...@gmail.com>.
We should get onto that one.
RG probably has some pointers.
On 20/11/06, Gordon Sim <gs...@redhat.com> wrote:
>
> Mike Bonnet wrote:
> > Does anyone have tips or example code for enabling Kerberos
> > authentication, using either the C++ or Java brokers?
>
> Neither the c++ client nor the broker currently support anything other
> than plain authentication I'm afraid.
>
Re: Kerberos authentication
Posted by Gordon Sim <gs...@redhat.com>.
Mike Bonnet wrote:
> Does anyone have tips or example code for enabling Kerberos
> authentication, using either the C++ or Java brokers?
Neither the c++ client nor the broker currently support anything other
than plain authentication I'm afraid.
Re: Kerberos authentication
Posted by Robert Greig <ro...@gmail.com>.
On 20/11/06, Mike Bonnet <mi...@redhat.com> wrote:
> Does anyone have tips or example code for enabling Kerberos
> authentication, using either the C++ or Java brokers?
This page on the wiki describes the SASL configuration on both the
client and the server:
http://cwiki.apache.org/confluence/display/qpid/Qpid+Design+-+Authentication
Basically on the server, you need to create an
AuthenticationProviderInitialiser, for the GSSAPI mechanism. The
current examples are based on username/pwd so you can't just extend
the abstract UsernamePasswordInitialiser but hopefully that example
gives an idea of what is required.
The table at the bottom of this page:
http://download.java.net/jdk6/doc/technotes/guides/security/sasl/sasl-refguide.html
is useful to understand what things you need to be able to pass in to
the GSS provider.
The client side is done in a similar way.
Let me know if you need more details on any of the above and I'll do
my best to help.
RG