[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Kerberos Security Token and WS-Trust STS
<img src="http://zdownload.zurich.com/mailimages/ZHP_MailHeader.gif"; /> Hi there I'm dealing with Kerberos integration between a kerberized tuxedo application and web services based applications. I'm wondering why the section "GSS-API for Kerberos Interoperability" has been removed in the final WS-Security Kerberos security token spec. This chapter was part of the spec originally submitted to oasis from IBM and Microsoft: http://xml.coverpages.org/WS-Security-Kerberos200312.pdf The original idea was to use an WS-Trust STS to issue kerberos tokens by passing username/password to the STS. Of course, this has the drawback that passwords are passed over the network. The connection to the STS is secured with HTTPS. I also wanted to use the STS to verify a kerberos token and maybe transform it to a SAML security token but this would require that the STS knows the secret of the kerberos service. Kind regards Oliver Wulff ******************* BITTE BEACHTEN ******************* Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet möglicherweise vertrauliche oder gesetzlich geschützte Daten oder Informationen. Zum Empfang derselben ist (sind) ausschliesslich die genannte(n) Person(en) bestimmt. Falls Sie diese Nachricht irrtümlicherweise erreicht hat, sind Sie höflich gebeten, diese unter Ausschluss jeder Reproduktion zu zerstören und die absendende Person umgehend zu benachrichtigen. Vielen Dank für Ihre Hilfe.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]