Michael Ströder wrote: > Ah, ok. Interesting. Why don't you separate the krb5 module into another > project. I guess some people might be interested in that. > > Especially my dream would be to support HTTP-Authentication based on > SPNEGO/GSSAPI in web2ldap. But not only authenticating the user at the > web server. I would rather like forward the service ticket requested for > a particular LDAP service to the LDAP server in a SASL/GSSAPI > BindRequest. Do you think that's feasible? >
Well... at the moment the module is really bare bones and only exposes the few functions of the vast Kerberos API that Python-AD needs. Also I don't want to digress too much at this point. I created Python-AD as part of something bigger which does not exist yet: FreeADI. FreeADI would provide Active Directory integration for Linux systems, meaning you can use AD as the directory and authentication service on Linux. (Given the fact that Likewise Open was released last week, I am not sure though it would still be useful). >From what I understand from you though, you'd like the GSSAPI to be wrapped and not the Kerberos API. This is easier as the GSSAPI seems significantly smaller than the Kerberos API. By the way I had a look at web2ldap. You mention that you use an ASN.1 parser from Pisces and that you feel that people may have issues with its license. Python-AD comes with its own (very simple) ASN.1 parser/generator as well. It can parse arbitrary BER, emits DER and comes with a full test suite. The code is licensed under the MIT license so it may be less concerning. Also if you really want I could re-license it under the GPL. Regards, Geert ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ Python-LDAP-dev mailing list Python-LDAP-dev@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
