[33411] in Kerberos
Re: Instant Messaging client-server solution?
daemon@ATHENA.MIT.EDU (Russ Allbery)
Fri May 20 16:29:09 2011
From: Russ Allbery <rra@stanford.edu>
To: Jaap Winius <jwinius@umrk.nl>
In-Reply-To: <20110520151124.96093ps15h0wm2ww@bitis.umrk.nl> (Jaap Winius's
message of "Fri, 20 May 2011 15:11:24 +0200")
Date: Fri, 20 May 2011 13:26:09 -0700
Message-ID: <87liy1m84e.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Jaap Winius <jwinius@umrk.nl> writes:
> Quoting Dax Kelson <dkelson@gurulabs.com>:
>> We used Pidgin and OpenFire in our office. Works well. Was pretty
>> straightforward to configure.
> Really? It doesn't look so easy to me. The docs for both Openfire and
> Pidgin make no mention of GSSAPI or Kerberos. Most of the discussions on
> this subject seem to be a couple of years old or have to do with Windows
> environments.
> Then there's the Stanford IT Lab Blog article on Openfire. It's over
> two years old, but seems to work with Openfire 3.7.0 on my system.
Yes, that's how we set it up.
> However, I wasn't able to get Pidgin to communicate with it.
Pidgin just worked for us. There is indeed no UI, which is remarkably
annoying. But if you have Kerberos tickets already and you just leave the
password field in Pigdin blank, it will do a GSS-API authentication if the
server supports it.
https://itservices.stanford.edu/service/instantmessaging has our end-user
documentation. We require GSS-API authentication be used, so this has the
details of how to configure the various clients we support.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
