Thank u very much for ur answer, I was a little bit confused because this point is not well documented. I have a second small question, perhaps u can help me with this to:
Once the client is authenticated, is the communication between the client and the server encrypted(with the session key in the ticket) or does all the trafic pass in clear text by default. I read some docs and their content was contradictory, perhaps u can clear me this point to? Thanx CB Jeffrey Altman <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>... > Access control is not enforced by the TGS. The TGS provides service > tickets which allow a client to authenticate itself to the application > service. It is the responsibility of the application service to consult > an authorization database to determine what permissions (if any) the > client may be granted. > > Jeffrey Altman > > > paul b wrote: > > > Hello, > > I have a question about managing the access to the different services > > in Kerberos. > > > > When I have my TGT and I ask the TGS to get access to a specific > > service(for ex. kerberized FTP), how does the TGS know if I have the > > right to access this server. Is there any database on the TGS that > > contains the information which user has access to which service or > > does the TGS the TGT in any case and the access rights are managed on > > the server offering the service. > > > > My second question is how can I specify which user has access to which > > service? Are there commands on the TGS(eventually to add users to a > > database managing the rights???) or do I have to specify the user > > rights on the server offering the service > > > > Thank u very much in advance > > > > CB ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
