[30105] in Kerberos
Re: SSO
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Jul 17 14:24:39 2008
To: kerberos@mit.edu
In-Reply-To: <5183a7480807170801v60e26508k4086834bedbf83fb@mail.gmail.com>
(Sharad Desai's message of "Thu\, 17 Jul 2008 11\:01\:02 -0400")
From: Russ Allbery <rra@stanford.edu>
Date: Thu, 17 Jul 2008 11:23:20 -0700
Message-ID: <8763r4jron.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
"Sharad Desai" <ssdesai1@gmail.com> writes:
> Also, (I'm not sure how familiar people are with Cosign) since Cosign
> transforms Kerberos authentication to a cookie-based authentication
> which the browsers can use, I was wondering if you have had any
> experience with this.
Given your platform constraints and desire to avoid Active Directory, I
think Cosign is definitely your best option. However, I believe that you
will need a UNIX server to run the Cosign login daemon, even though you
can use IIS for specific web applications. I could be wrong, since I
don't run it myself, but you should check on that if that will be a
problem.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
