53 lines
1.8 KiB
Plaintext
53 lines
1.8 KiB
Plaintext
|
/***********************************************************************
|
||
|
*
|
||
|
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
|
||
|
*
|
||
|
* This library is free software; you can redistribute it and/or
|
||
|
* modify it under the terms of the GNU Lesser General Public
|
||
|
* License as published by the Free Software Foundation; version 2.1
|
||
|
* of the License.
|
||
|
*
|
||
|
* This library is distributed in the hope that it will be useful,
|
||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||
|
* Library Lesser General Public License for more details.
|
||
|
*
|
||
|
* You should have received a copy of the GNU Lesser General Public
|
||
|
* License along with this library; if not, Novell, Inc.
|
||
|
*
|
||
|
* To contact Novell about this file by physical or electronic mail,
|
||
|
* you may find current contact information at www.novell.com.
|
||
|
*
|
||
|
* Author: Juan Carlos Luciani <jluciani@novell.com>
|
||
|
*
|
||
|
***********************************************************************/
|
||
|
/***********************************************************************
|
||
|
*
|
||
|
* README for krb5mech
|
||
|
*
|
||
|
***********************************************************************/
|
||
|
|
||
|
INTRODUCTION
|
||
|
|
||
|
krb5mech is a client authentication mechanism for the support of Kerberos 5
|
||
|
authentication. The mechanism leverages the services of the native Kerberos 5
|
||
|
client to obtain Kerberos Tokens that can be used for authenticating an entity
|
||
|
to a Kerberos service.
|
||
|
|
||
|
SECURITY CONSIDERATIONS
|
||
|
|
||
|
The tokens that krb5mech generates are only utilized to authenticate the client
|
||
|
entity to the Kerberos service, because of this, auth_token relies on SSL for
|
||
|
server authentication. auth_token does not leverage the capabilities of GSSAPI
|
||
|
for data privacy and data integrity purposes.
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|