After few tests, it shows up that this implementation shows severe security leaks. It seems that, once a user is correctly identified, the context is used for all further authentication…. does this has been tested or is this just a proof of concept ?
Best Regards, Le 18 oct. 2011 à 11:59, Christophe Ségui a écrit : > A few modifications must be made to the source in order to make this work. > Should i have an account to update the wiki documentation ? > > Le 17 oct. 2011 à 19:09, Marvin Addison a écrit : > >> It's fairly dated, but I believe the only significant changes are >> package names. We'd be pleased for you to edit to bring up to date. >> In my experience LDAP auth with GSSAPI is fairly arcane, and we don't >> have the resources to actively maintain the related docs. That's to >> say we rely on community members to help keep it up to date. >> >> M >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > _______________________________________ > > Christophe Ségui > Responsable de Service > Service Informatique > Institut de Mathématiques de Toulouse - UMR 5219 > Université de Toulouse, CNRS > > > UNIVERSITE PAUL SABATIER > BAT 1R3 bur 221 > 118 Route de Narbonne > 31062 Toulouse Cedex 9 > > tel : 05.61.55.63.78 fax :05.61.55.75.99 > _______________________________________ > > Economisez de l'énergie, du papier et de l'encre, n'imprimez ce message que > si nécessaire. Pour en savoir plus consultez www.ecoinfo.cnrs.fr > > > > > _______________________________________ Christophe Ségui Responsable de Service Service Informatique Institut de Mathématiques de Toulouse - UMR 5219 Université de Toulouse, CNRS UNIVERSITE PAUL SABATIER BAT 1R3 bur 221 118 Route de Narbonne 31062 Toulouse Cedex 9 tel : 05.61.55.63.78 fax :05.61.55.75.99 _______________________________________ Economisez de l'énergie, du papier et de l'encre, n'imprimez ce message que si nécessaire. Pour en savoir plus consultez www.ecoinfo.cnrs.fr
smime.p7s
Description: S/MIME cryptographic signature
