Shyh-Wei Luan wrote:
>
> On Jul 14, 7:10am, Michael R. Beddingfield wrote:
>
> > Like Iowa State, we also hacked httpd to authenticate to the ka server,
> > but with a slight twist. We make every user authenticate right now. We
> > want to allow public info to be available without a login, and will
> > probably do what Iowa did for the server to get around the
> > system:anyuser problem for these files.
> >
> > BTW: We are using AFS's KA server...Mic
> >-- End of excerpt from Michael R. Beddingfield
>
> How do you get users authenticate? Do user provide password through http form
> and network? If so, do password go through the net in clear, or you use things
> like SSL? If passwords are sent in clear on the network. don't we lose the
> main purpose of Kerberos authentication?
>
> Shyh-Wei Luan
Yes we are using SSL...Mic
