[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Choice Of Authentications a) using SASL directly b) using SASL th ru LDAP



Your post is not specific to OpenLDAP Software and hence
off-topic here.  I note that SASL (like TLS) is used
through some application-layer protocol, such as LDAP.
So your option "using SASL directly" makes no sense.
I don't have any suggestions for an appropriate forum
to learn the fundamentals of such things, suggest you
read up instead (see SASL, GSSAPI, Kerberos, ... sites
for references).  If somehow here as specific suggestion,
I suggest they mail it directly to Vikas.

Kurt

At 03:59 AM 2/6/2004, Vikas Gandhi wrote:
>Hi All
>
> I have a project where I want to to use standards based SASL mechnisms. I
>want to use SASL/GSSAPI/Kerberos V mechanisms. My KDC can be windows(AD) or
>Sun (SEAM) or MIT (KDC)
>I am in a fix becase I am not able to understand which way to go any why. I
>have a set of 2 choices.
>a) Use SEAM as just an authticating mechnism and use GSSAPI/Kerberos without
>even involving LDAP.
>b) Use SASL-LDAP bind as a mechanism for authentication.
>
>What are the pros and cons of each method.
>Please explain because I have been trying to get this fundamental answer
>since many days.
>
>--Vikas