axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boris Dushanov (JIRA)" <>
Subject [jira] [Updated] (RAMPART-433) Support for Kerberos v5 delegated authentication
Date Fri, 20 May 2016 08:53:12 GMT


Boris Dushanov updated RAMPART-433:
    Attachment: rampart_kerberos_delegation.patch

I'm attaching a patch with sample implementation.
For simplicity, the patch contains the changes for Kerberos core support from  RAMPART-417.

> Support for Kerberos v5 delegated authentication
> ------------------------------------------------
>                 Key: RAMPART-433
>                 URL:
>             Project: Rampart
>          Issue Type: New Feature
>          Components: rampart-core
>    Affects Versions: 1.6.2
>            Reporter: Boris Dushanov
>             Fix For: 1.8.0
>         Attachments: rampart_kerberos_delegation.patch
> This support is based on the Kerberos v5 enhancement provided in RAMPART-417.
> Kerberos delegation is supported in wss4j since 1.6.17 so this support requires upgrade
from 1.6.16 to 1.6.17.The upgrade is smooth and requires no changes.
> The changes in rampart uses the wss4j capabilities.It enhances rampart's kerberos configuration
with two new settings - one for requesting a kerberos delegation credential and one for setting
such. When the latter is set, rampart requests a Kerberos security token on behalf of the
subject for which the credentials are.
> The provided implementation also includes a corresponding integration test.An update
to Apache DS 2.0 is needed because of an issue in 1.5.7 which is seen when delegation credential
is requested.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message