It is possible that your question is answered by this question in the Kerberos FAQ: http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html#kerbwww There has also been some work done on integrating Kerberos into apache and Mozilla, but this is highly experimental if it works at all and not suitable for production environments.
(Note that when the FAQ says "these schemes are all fraught with a number of serious security problems," it is being quite serious, and you should probably get someone who is familiar with this sort of web development to look over your security model if you decide to try something like this.) If this doesn't answer your question, then I am not entirely sure what you are asking. Hope this helps. -r. On Mon, Sep 13, 2004 at 01:24:52AM +1000, simon wrote: > Hello > > This is quite obviously a newbie question, and for a presentation I need > to give: I have a *theoretical* "web portal". The actual services > provided are not specified (accounting, if that tells you anything), and > I was under the impression that I could use Kerberos to authenticate > users from this web portal, as well as users on the server's network. > > I've been reading up on this, but I'm unfamiliar with this sort of web > development, and am not sure if what I'm reading supports this... Is > this possible? > > The implementation details aren't really relevent, this is a case study, > but I was assuming an application embedded into a webpage that > communicates with the Kerberos server, and then the ticket granting > server, etc, and transfers data. Is this correct? > > A confirmation either way would be hugely appreciated. Thankie > > Simon. > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
