[19727] in Kerberos
RE: apache & Kerberos
daemon@ATHENA.MIT.EDU (Tim Alsop)
Fri Aug 1 13:27:03 2003
Message-ID: <815D636CDFAAD611A2DA006097AC6157C60DFA@blackanwhitecat.cybersafe.ltd.uk>
From: Tim Alsop <Tim.Alsop@CyberSafe.Ltd.UK>
To: Andreas <andreas@conectiva.com.br>,
Tim Alsop
<Tim.Alsop@CyberSafe.Ltd.UK>
Date: Fri, 1 Aug 2003 18:09:10 +0100
MIME-Version: 1.0
Content-Type: text/plain
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
Andreas,
There is support in IE for Kerberos using SSPI and we utilise that if required, however we also have a client/workstation component with our product that acts as a local proxy and therefore intercepts communications between client workstation and web or proxy servers on the network. Since the local proxy is able to access user credentials cache it is able to use GSSAPI to setup a security context with the web/proxy server when it receives a 401 response indicating authentication is required.
The local proxy approach can therefore support any browser such as IE, Netscape, Mozilla, Opera etc.
Cheers, Tim.
-----Original Message-----
From: Andreas [mailto:andreas@conectiva.com.br]
Sent: 01 August 2003 18:05
To: Tim Alsop
Cc: Subu Ayyagari; kerberos@mit.edu
Subject: Re: apache & Kerberos
On Fri, Aug 01, 2003 at 03:46:46PM +0100, Tim Alsop wrote:
> context. The approach our WebAccess product uses and the one
> referenced by Jeremy and developed with Heimdal libraries uses
> Kerberos and GSSAPI to establish a security context between the
> browser and the Web server and hence
Which type of browser has GSSAPI support? Or do you patch, say, mozilla as well?
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
