Need some tips on kerberizing our ENTIRE network

2005-07-05 Thread jay alvarez
Good day, We had a meeting last time regarding the need for a centralized authentication in our agency. Everyone except me was looking into using an ldap directory. I insist on them that if we were to use ldap for sole authentication purpose, ldap was not designed for it, and we should be consi

Re: Need some tips on kerberizing our ENTIRE network

2005-07-05 Thread Russ Allbery
jay alvarez <[EMAIL PROTECTED]> writes: > jabberd2 (by just looking at its config file, it > definitely supports ldap, not sure with kerberos) How to do GSSAPI is part of the Jabber protocol, but is not implemented by any of the servers or clients so far as I know. > Nagios server monitoring(I'v

Re: Need some tips on kerberizing our ENTIRE network

2005-07-05 Thread Mark Campbell
When you ask about nagios support are you asking about authentication to the nagios interface or monitoring a KDC? If you are asking about monitoring I have written a plug in for nagios that monitors our KDCs here. I am sure I could share. Mark jay alvarez wrote: Good day, We had a meeting

Re: Need some tips on kerberizing our ENTIRE network

2005-07-05 Thread jay alvarez
--- Mark Campbell <[EMAIL PROTECTED]> wrote: > When you ask about nagios support are you asking > about authentication to I'm referring to nagios authentication of restricted pages, but it's more of a webserver/browser negotiation problem as others have already mentioned. > the nagios interface

Re: Need some tips on kerberizing our ENTIRE network

2005-07-06 Thread Phil Dibowitz
On Wed, Jul 06, 2005 at 12:14:29AM -0400, Mark Campbell wrote: > When you ask about nagios support are you asking about authentication to > the nagios interface or monitoring a KDC? If you are asking about > monitoring I have written a plug in for nagios that monitors our KDCs > here. I am sure I

Re: Need some tips on kerberizing our ENTIRE network

2005-07-06 Thread Andreas Hasenack
On Wednesday 06 July 2005 00:46, Russ Allbery wrote: > but I'm not sure. Your problem here will be more on the client side > anyway; it's hard to find clients other than Eudora that support GSSAPI > authentication for SMTP. You can, however, support Kerberos username and Kmail from KDE 3.4 supp

Re: Need some tips on kerberizing our ENTIRE network

2005-07-06 Thread Turbo Fredriksson
Quoting Russ Allbery <[EMAIL PROTECTED]>: >> email (qmail or postfix) I just bumped into a document >> saying postfix supports sasl/gssapi, and qmail has a >> qmail-ldap version but not sure with qmail-kerberos. > > I don't *think* there's a qmail-smtpd that supports GSSAPI authentication, > but I

Re: Need some tips on kerberizing our ENTIRE network

2005-07-06 Thread Ken Hornstein
>I don't *think* there's a qmail-smtpd that supports GSSAPI authentication, >but I'm not sure. Your problem here will be more on the client side >anyway; it's hard to find clients other than Eudora that support GSSAPI >authentication for SMTP. You can, however, support Kerberos username and >pass

Re: Need some tips on kerberizing our ENTIRE network

2005-07-07 Thread Fred Dushin
I've been looking into kerberized web applications (and web services, in general), and I have to confess, I've come up short on satisfying solutions. I thought I'd open the floor to discussion. A big part of the problem is HTTP (big surprise -- yet another protocol that is being used for

Re: Need some tips on kerberizing our ENTIRE network

2005-07-09 Thread Simon Wilkinson
Russ Allbery wrote: > How to do GSSAPI is part of the Jabber protocol, but is not > implemented by any of the servers or clients so far as I know. I've written some patches for Jabberd2 (in their bugzilla - http://j2.openaether.org/bugzilla/show_bug.cgi?id=45 ), and am in the process of developin

Re: Need some tips on kerberizing our ENTIRE network

2005-07-11 Thread Wyllys Ingersoll
Fred Dushin wrote: A big part of the problem is HTTP (big surprise -- yet another protocol that is being used for purposes for which it was not designed). Yes, IIS supports GSS authentication via SPNEGO, but I have not been able to decipher whether data protection is offered; anecdotal evide

HTTP mutual auth [Was: Need some tips on kerberizing our ENTIRE network]

2005-07-28 Thread Fred Dushin
Could you elaborate on how this would break the HTTP spec? I was under the (admittedly naive) impression that more or less any challenge-response authentication mechanism could be implemented in HTTP via the HTTP 401 error code. So presumably I would think that GSS context tokens could

Re: HTTP mutual auth [Was: Need some tips on kerberizing our ENTIRE network]

2005-08-01 Thread Wyllys Ingersoll
I *think* the problem is that Microsoft is returning a "200 OK" message but it has additional authentication header fields attached to it. If they were using the 401 code, that would be OK, but they are using 200 and adding the final mutual-auth GSSAPI tokens to it, which, I believe, is a vi