directory-api mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: Adding user to Active Directory with Kerberos binding
Date Thu, 26 Mar 2015 13:20:07 GMT
On Thu, Mar 26, 2015 at 9:06 PM, Karim Hosny <karim.hosny@its.ws> wrote:

>
>
> Hi Kiran,
>
> I didn't get any errors im just not sure that the proper way to create a
> secure connection over kerberos authentication is calling the method
> startTLS.
>
> I tried to call startTLS after successful kerberos authentication and it
> worked fine, but is the proper way? Should SaslGssApi create the startTLS,
> I believe kerberos authentication requires creating a secure communication
> to transfer the tickets, correct?
>
> sorry this is a very vague question, can't explain about how you can use
kerberos here,
you need to do your homework on what you want to achieve and be precise on
where you are stuck,
then it is easier to help if we can.

> Karim
> -----Original Message-----
> From: Kiran Ayyagari [mailto:kayyagari@apache.org]
> Sent: Thursday, March 26, 2015 12:40 PM
> To: api@directory.apache.org
> Subject: Re: Adding user to Active Directory with Kerberos binding
>
> On Thu, Mar 26, 2015 at 3:49 PM, Karim Hosny <karim.hosny@its.ws> wrote:
>
> > Hi,
> >
> > So I got the certificates working and apache Directory working fine
> > over secure connection using startTLS and im able to add users, but I
> > need also to bind using Kerberos and add users but it fails when I try
> > it, my guess it requires to call startTLS probably, but from what I
> > understood you either connect using startTLS or saslGssApi correct?
> >
> bind using SaslGssApiRequest , let us know what error you got
>
> >
> > How can I bind using kerberos and be able to perform secure sensitive
> > operations?
> >
> > Thanks,
> > Karim
> >
> >
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message