Author: erodriguez
Date: Thu Apr 28 16:41:39 2005
New Revision: 165231
URL: http://svn.apache.org/viewcvs?rev=165231&view=rev
Log:
Kerberos protocol provider doco updates from spin out of changepw doco.
Modified:
directory/protocol-providers/kerberos/trunk/xdocs/index.xml
Modified: directory/protocol-providers/kerberos/trunk/xdocs/index.xml
URL:
http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/xdocs/index.xml?rev=165231&r1=165230&r2=165231&view=diff
==============================================================================
--- directory/protocol-providers/kerberos/trunk/xdocs/index.xml (original)
+++ directory/protocol-providers/kerberos/trunk/xdocs/index.xml Thu Apr 28
16:41:39 2005
@@ -1,34 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
-<document>
- <properties>
- <author email="[EMAIL PROTECTED]">Enrique Rodriguez</author>
- <title>Overview</title>
- </properties>
-
- <body>
- <section name="Introduction">
- <p>Apache Kerberos is a Java implementation of the
- <a href="http://www.ietf.org/rfc/rfc1510.txt";>RFC 1510</a> Kerberos V5
Network Authentication Service. The purpose of Kerberos is to verify the
identities of principals (users or services) on an unprotected network. While
generally thought of as a single-sign-on technology, Kerberos' true strength is
in authenticating users without ever sending their password over the network.
Kerberos is designed for use on open (untrusted) networks and, therefore,
operates under the assumption that packets traveling along the network can be
read, modified, and inserted at will. <a
href="http://www.computerworld.com/computerworld/records/images/pdf/kerberos_chart.pdf";>This
chart</a> provides a good description of the protocol workflow.</p>
-
- <p>Kerberos is named for the three-headed dog that guards the
gates to Hades. The three heads are the client, the Kerberos server, and the
network service being accessed.</p>
-
-<p>Apache Kerberos is implemented as a protocol plugin for the Apache
Directory server. As a plugin, Kerberos leverages Apache SEDA for front-end
services and the Apache Eve read-optimized backing store via JNDI for
persistent directory services.</p>
-
- <p>Apache Kerberos, in conjunction with SEDA and Eve, provides an
easy-to-use yet fully-featured network authentication service. As implemented
within Apache Directory, Apache Kerberos will provide:
- <ul>
- <li>Authentication service (RFC 1510)</li>
- <li>Ticket-granting service (RFC 1510)</li>
- <li>Password-changing service (RFC 3244)</li>
- <li>JMX remote management (JSR 160, JSR 28)</li>
- <li>Optional LDAP management (Eve)</li>
- <li>Standard schema, such as krb5-kdc and the DCE krbsch07
(Eve)</li>
- <li>UDP and TCP Support (SEDA)</li>
- <li>Traffic throttling (SEDA)</li>
- <li>Overload shielding (SEDA)</li>
- <li>Easy POJO embeddability for containers such as Geronimo,
JBoss, and OSGi</li>
- </ul>
- </p>
- </section>
- </body>
-</document>
-
+<document>
+ <properties>
+ <author email="[EMAIL PROTECTED]">Enrique Rodriguez</author>
+ <title>Overview</title>
+ </properties>
+ <body>
+ <section name="Introduction">
+ <p>Apache Kerberos is a Java implementation of the <a
+ href="http://www.ietf.org/rfc/rfc1510.txt";>RFC
1510</a> Kerberos V5 Network
+ Authentication Service. The purpose of Kerberos
is to verify the identities of
+ principals (users or services) on an
unprotected network. While generally thought
+ of as a single-sign-on technology, Kerberos'
true strength is in authenticating
+ users without ever sending their password over
the network. Kerberos is designed
+ for use on open (untrusted) networks and,
therefore, operates under the assumption
+ that packets traveling along the network can be
read, modified, and inserted at
+ will. <a
+
href="http://www.computerworld.com/computerworld/records/images/pdf/kerberos_chart.pdf";>This
+ chart</a> provides a good description of the
protocol workflow.</p>
+ <p>Kerberos is named for the three-headed dog that
guards the gates to Hades. The three
+ heads are the client, the Kerberos server, and
the network service being
+ accessed.</p>
+ <p>Apache Kerberos is implemented as a
protocol-provider plugin for the Apache
+ Directory server. As a plugin, Kerberos
leverages Apache MINA for front-end
+ services and the Apache Directory
read-optimized backing store via JNDI for
+ persistent directory services.</p>
+ <p>Apache Kerberos, in conjunction with MINA and the
Apache Directory, provides an
+ easy-to-use yet fully-featured network
authentication service. As implemented
+ within the Apache Directory, Apache Kerberos
will provide:</p>
+ <ul>
+ <li>Authentication service (RFC 1510)</li>
+ <li>Ticket-granting service (RFC 1510)</li>
+ <li>Pre-authentication support (RFC 1510)</li>
+ <li>DES encryption systems (RFC 1510)</li>
+ <li>Triple-DES (DES3) encryption systems</li>
+ <li>JMX remote management (JSR 160, JSR 28)</li>
+ <li>Optional LDAP management</li>
+ <li>UDP and TCP Support (MINA)</li>
+ <li>Traffic throttling (MINA)</li>
+ <li>Overload shielding (MINA)</li>
+ <li>Easy POJO embeddability for containers such
as Geronimo, JBoss, and OSGi</li>
+ </ul>
+ </section>
+ </body>
+</document>
