[
https://issues.apache.org/jira/browse/RAMPART-433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Boris Dushanov updated RAMPART-433:
-----------------------------------
Attachment: bob.keytab
alice.keytab
> Support for Kerberos v5 delegated authentication
> ------------------------------------------------
>
> Key: RAMPART-433
> URL: https://issues.apache.org/jira/browse/RAMPART-433
> Project: Rampart
> Issue Type: New Feature
> Components: rampart-core
> Affects Versions: 1.6.2
> Reporter: Boris Dushanov
> Fix For: 1.8.0
>
> Attachments: alice.keytab, bob.keytab,
> rampart_kerberos_delegation_with_keytab_instructions.patch
>
>
> This support is based on the Kerberos v5 enhancement provided in RAMPART-417.
> Kerberos delegation is supported in wss4j since 1.6.17 so this feature
> requires upgrade from 1.6.16 to 1.6.17.The upgrade is smooth and requires no
> changes.
> The changes in rampart uses the wss4j capabilities.Rampart's kerberos
> configuration is enhanced with two new settings - one for requesting a
> kerberos delegation credential and one for setting such. When the latter is
> set, rampart requests a Kerberos security token on behalf of the user for
> which the credentials are.
> The provided implementation also includes a corresponding integration test.
> ApacheDS 2.0 is required as 1.5.7 seems to have issues when delegation is
> requested.Because of that, the existing kerberos tests are also made to work
> with the newer ApacheDS version.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
