Thanks What I'm actually doing is trying to proxy the ticket as part of an http request/response but I thought I had heard that kerberos tickets could not be proxied unchanged. It sounds like that's not the case. Ill read those links.
Thanks! Marc On 6/1/07, Emmanuel Lecharny <[EMAIL PROTECTED]> wrote:
Marc Boorshtein a écrit : > All, Hi Marc, > > I've got an kerberos question when cobined with integrated windows > authentication. Can the process of authenticating the user to an iis > server be proxied succesfully? so far, I think you just need to enable SPNEGO on you browser to do so (http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_SPNEGO_config_web.html <http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_SPNEGO_config_web.html>) Of couse, this will be helpfull if you are just using a browser... Otherwise, your application will have to implement SPNEGO. FYI, we have written a java codec for this protocol, but it has been sandboxed... Just tell us if you want it to be ressucitated. Emmanuel. > > Thanks for any input. > > Marc > > > On 6/1/07, Alex Karasulu <[EMAIL PROTECTED]> wrote: > >> On 6/1/07, Emmanuel Lecharny <[EMAIL PROTECTED]> wrote: >> >> SNIP >> >> BasicAttributes to a more ldap compliant BasicAttributesImpl...) >> >> >> What about renaming BasicAttributesImpl to just LdapAttributes? Of >> course >> not in the 1.0 branch which would break backwards compatibility of >> partitions but in the 1.5 branch? Guess really it's the 0.9.6 branch of >> shared for 1.5 of ApacheDS. >> >> Anyway this would be clearer no? >> >> Alex >> >
