[
https://issues.apache.org/jira/browse/RAMPART-433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Boris Dushanov updated RAMPART-433:
-----------------------------------
Attachment: rampart_kerberos_delegation.patch
I'm attaching a patch with sample implementation.
For simplicity, the patch contains the changes for Kerberos core support from
RAMPART-417.
> Support for Kerberos v5 delegated authentication
> ------------------------------------------------
>
> Key: RAMPART-433
> URL: https://issues.apache.org/jira/browse/RAMPART-433
> Project: Rampart
> Issue Type: New Feature
> Components: rampart-core
> Affects Versions: 1.6.2
> Reporter: Boris Dushanov
> Fix For: 1.8.0
>
> Attachments: rampart_kerberos_delegation.patch
>
>
> This support is based on the Kerberos v5 enhancement provided in RAMPART-417.
> Kerberos delegation is supported in wss4j since 1.6.17 so this support
> requires upgrade from 1.6.16 to 1.6.17.The upgrade is smooth and requires no
> changes.
> The changes in rampart uses the wss4j capabilities.It enhances rampart's
> kerberos configuration with two new settings - one for requesting a kerberos
> delegation credential and one for setting such. When the latter is set,
> rampart requests a Kerberos security token on behalf of the subject for which
> the credentials are.
> The provided implementation also includes a corresponding integration test.An
> update to Apache DS 2.0 is needed because of an issue in 1.5.7 which is seen
> when delegation credential is requested.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
