Author: buildbot
Date: Sat Feb 9 07:57:50 2013
New Revision: 849994
Log:
Staging update by buildbot for directory
Modified:
websites/staging/directory/trunk/content/ (props changed)
websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html
websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html
websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.3-keys.html
Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sat Feb 9 07:57:50 2013
@@ -1 +1 @@
-1444169
+1444339
Modified: websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html
==============================================================================
--- websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html (original)
+++ websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.1-realms.html Sat Feb
9 07:57:50 2013
@@ -137,7 +137,7 @@
</div>
-<h1 id="realms">Realms</h1>
+<h1 id="111-realms">1.1.1 - Realms</h1>
<p>A <strong>Realm</strong> is associated with a Kerberos administrative
domain. In other words, it covers everything the Kerberos server manage :
<em> Users
</em> Services</p>
Modified: websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html
==============================================================================
--- websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html (original)
+++ websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.2-principals.html Sat
Feb 9 07:57:50 2013
@@ -137,7 +137,7 @@
</div>
-<h1 id="principals">Principals</h1>
+<h1 id="112-principals">1.1.2 - Principals</h1>
<p>The Kerberos <strong>Principal</strong> is any entity to which the server
can assign a <strong>Ticket</strong>. Typically, we can think of three kinds of
<strong>Principals</strong> :</p>
<div class="codehilite"><pre><span class="o">*</span> <span class="n">Users</span>
<span class="o">*</span> <span class="n">Services</span>
Modified: websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.3-keys.html
==============================================================================
--- websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.3-keys.html (original)
+++ websites/staging/directory/trunk/content/apacheds/kerberos-ug/1.1.3-keys.html Sat Feb
9 07:57:50 2013
@@ -137,7 +137,7 @@
</div>
-<h1 id="keys">Keys</h1>
+<h1 id="113-keys">1.1.3 - Keys</h1>
<p>The <strong>Kerberos</strong> server generates keys based on the password
we provide. Those keys are stored in the <strong>KDC</strong> and used to encrypt
and decrypt the data being exchanged with the client.</p>
<p>The Key is computed using either the user's password or a random value, and is salted
with the realm. </p>
<p><DIV class="INFO" markdown="1">
@@ -167,7 +167,7 @@ There is a special case : if the passwor
</DIV></p>
<p><DIV class="INFO" mardown="1">
Note that we will generate more than one key : we generate one key per configured cipher.
</p>
-<p>ApacheDS Kerberos server default set of ciphers is :</p>
+<p>ApacheDS Kerberos server supported set of ciphers is :</p>
<div class="codehilite"><pre><span class="o">*</span> <span class="n">DES_CBC_MD5</span>
<span class="o">*</span> <span class="n">DES3_CBC_SHA1_KD</span>
<span class="o">*</span> <span class="n">RC4_HMAC</span>
@@ -176,7 +176,8 @@ Note that we will generate more than one
</pre></div>
-<p></DIV></p>
+<p>The default cipher is DES_CBC_MD5, so if you want to use another one, you must add
it to the list of supported EncryptionTypes.
+</DIV></p>
<p><DIV class="WARN" mardown="1">
Note that the key generation is an extremely costly operation. If you have many supported
ciphers, you will multiply the time it takes to generate the keys by the number of ciphers.
It's smart to limit the configured ciphers to the minimal, accordingly to your needs.</p>
<p>Provisionning thousands of users will inheritently be a slow operation.
|