[32539] in Kerberos
Is there a way to store "user data" along with principals?
daemon@ATHENA.MIT.EDU (Mikhail T.)
Tue Aug 3 16:03:12 2010
Message-ID: <4C508DFB.3040709@aldan.algebra.com>
Date: Wed, 28 Jul 2010 16:07:23 -0400
From: "Mikhail T." <mi+thun@aldan.algebra.com>
MIME-Version: 1.0
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hello!
I need to write a utility, that will perform certain tasks on an outside
web-site (via SOAP). The utility needs to authenticate itself to the
site every time it runs with a username and password.
Different users (far from all!) ought to be able to run the utility on
our servers and they should not have direct access to those credentials
themselves.
We use Kerberos here -- it is the only service that's universally
reachable throughout our network.
This got me thinking -- can we store these outside credentials as some
sort of user-data attached to the principals of the people authorized to
run the utility? Is there a way to associate data with the principals,
that's meaningless to Kerberos itself, but which would be provided
verbatim, whenever the successful authentication takes place?
Thanks! Yours,
-mi
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
