NetSteady wrote: > Actually, our product doesn't require EAP-GSS, nor EAP-Kerberos. > > Instead, we use existing, popular authentication mechanisms to provide > kerberos functionality to mainstream RADIUS servers. There is no > additional software required other than the EAP supplicant, and the > client doesn't even realize that they're authenticating to anything > different. > > Our product doesn't even need Kerberos for Windows in order to > authenticate the client to the Kerberos Database. > > That being said, we do not currently have the capability to pass the > ticket on to the client. Our software is simply for authenticating > kerberos credentials against the server. > > Any other thoughts?
I would argue that you are not really using Kerberos. If the client is sending user/password data to the server all you are doing is using Kerberos to perform a database lookup. This technique is frequently used as a means of providing single password functionality to an organization but it is not Kerberos. Jeffrey Altman -- ----------------- This e-mail account is not read on a regular basis. Please send private responses to jaltman at mit dot edu ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
