CASA/CASA-auth-token/client/lib/mechanisms/krb5/README

53 lines
1.8 KiB
Plaintext
Raw Normal View History

/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
/***********************************************************************
*
* README for krb5mech
*
***********************************************************************/
INTRODUCTION
krb5mech is a client authentication mechanism for the support of Kerberos 5
authentication. The mechanism leverages the services of the native Kerberos 5
client to obtain Kerberos Tokens that can be used for authenticating an entity
to a Kerberos service.
SECURITY CONSIDERATIONS
The tokens that krb5mech generates are only utilized to authenticate the client
entity to the Kerberos service, because of this, auth_token relies on SSL for
server authentication. auth_token does not leverage the capabilities of GSSAPI
for data privacy and data integrity purposes.