Michael B Allen wrote:
Hi,
Hi,
I'm working on implementing Kerberos 5 and NTLMv2 for an open source
CIFS client. Being a Windows / Java solution it seems to me we're distant
cousins.
I'm going to be doing classes for NTLM credentials and principals,
JAAS integration and utility classes, possibly some JNDI to do "site"
based SRV lookups (to set java.security.krb5.kdc - gotta love all that
LoginModule configuration BS), ... etc.
Is everyone on-board with Java's Subject based security code? I'm not
yet convinced but so far I'm playing along.
We already have NTLM and Kerberos implemented :
http://cwiki.apache.org/confluence/display/DIRxSRVx11/SASL+NTLM+Support
For Kerberos, we have some doc somewhere on the same place, but I don't
have access to http right now, so you will have to dig the site by
yourslef, or wait a few hours so I reach office ...
Do you guys have or want NTLMv2, Kerberos, SPNEGO, NTLMSSP, ...? If so,
I'm interested in hearing opinions about how to "properly" implement
such things to maximize cross-pollination.
We also have a SPNEGO codec in sandbox, but it needs to be leveraged.
Is anyone aware of other projects doing this sort of stuff?
In general I'm interested in hearing about anything wrt the above that
has worked well for you (or what to watch out for). I've been doing C
for a while and I want to know where Java's at with this stuff.
I think there is room for improvement in the way we handle those kind of
stuff. And I think we also need people to help us to improve these
implementations. Is there a better way than collaborating ?
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
