Hi, I'm working on implementing Kerberos 5 and NTLMv2 for an open source CIFS client. Being a Windows / Java solution it seems to me we're distant cousins.
I'm going to be doing classes for NTLM credentials and principals, JAAS integration and utility classes, possibly some JNDI to do "site" based SRV lookups (to set java.security.krb5.kdc - gotta love all that LoginModule configuration BS), ... etc. Is everyone on-board with Java's Subject based security code? I'm not yet convinced but so far I'm playing along. Do you guys have or want NTLMv2, Kerberos, SPNEGO, NTLMSSP, ...? If so, I'm interested in hearing opinions about how to "properly" implement such things to maximize cross-pollination. Is anyone aware of other projects doing this sort of stuff? In general I'm interested in hearing about anything wrt the above that has worked well for you (or what to watch out for). I've been doing C for a while and I want to know where Java's at with this stuff. Mike -- Michael B Allen PHP Active Directory SPNEGO SSO http://www.ioplex.com/
