speedy zinc wrote:
Hi, I've read the white paper "Red Hat Identity Management and Security Solutions", and on page 13, it said that Red Hat Directory Server supports a variety of authentication standards and technologies, including: - ... - Kerberos tickets via SASL/GSSAPI - ... What does that exactly mean? Does that mean RHDS can issue kerberos ticket out of the box?
No.
Yes. When you use kinit to acquire your ticket, you can use that ticket to authenticate to the directory server.Or does that mean I need to setup a kerberos server and use RHDS as the backend for user information?
Sure. This is most often used with web apps or other apps that set up a pool of connections to the directory server. Each connection in the pool is bound as a proxy user. When a real user wants to authenticate, the proxy connection passes the real user's bind credentials to the directory server using the proxy auth control.And this one: - Impersonation (proxy) for multi-tier client applications. Could someone explain what does it mean and how can it be used?
Thanks a lot sz__________________________________ Yahoo! Music Unlimited Access over 1 million songs. Try it free.http://music.yahoo.com/unlimited/ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
