-
1. Re: GSSAPI/Negotiate implementation for Tomcat
starksm64 Dec 3, 2005 3:03 PM (in response to leifj)This really fits in the design discussions occuring here:
http://www.jboss.com/index.html?module=bb&op=viewforum&f=171
For example:
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=73020
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=72264
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=73024 -
2. Re: GSSAPI/Negotiate implementation for Tomcat
anil.saldhana Dec 4, 2005 10:33 PM (in response to leifj)I see a lot of overlap between GSS and JSR-196 [Java SPI for authentication]. (Does GSS mandate kerberos support? ).
We need to see how the usecases for GSS you are talking about for Tomcat , aligns with the discussion happening in the security design forums.
Please visit the links, Scott posted and post a detailed usecase using gss/negotiate protocol for Tomcat. Provide as much detail as possible. This will help us see the intersection points to our current thoughts/plans. -
3. Re: GSSAPI/Negotiate implementation for Tomcat
leifj Dec 5, 2005 2:45 PM (in response to leifj)"anil.saldhana@jboss.com" wrote:
I see a lot of overlap between GSS and JSR-196 [Java SPI for authentication]. (Does GSS mandate kerberos support? ).
No GSSAPI is a generic security framework. Right now there are two major implementations of GSSAPI - Kerberos5 and GSI, the GRID security infrastructure. GSI is the security framework used in all GRID middleware including the Globus toolkit. -
4. Re: GSSAPI/Negotiate implementation for Tomcat
anil.saldhana Dec 5, 2005 3:50 PM (in response to leifj)What I meant was the notion of Context and Config used in both GSS and JSR-196. These can be generalized in JBoss to an higher level...