[Date Prev][Date Next] [Chronological] [Thread] [Top]

Credentials forwarding

To: openldap-devel@OpenLDAP.org
Subject: Credentials forwarding
From: "Konst. V. Kunshchikov" <kvk@elbrus.ru>
Date: Wed, 26 Jul 2000 19:17:32 +0400 (MSD)

	Hi all!

Is it possible to do kerberos ticket forward to the ldap server
 space over the SASL/TLS encrypted channel?

It is very useful with some sort of backend databases.

In this case user if successfully authenticating using ldap_bind (or similar) 
can be optionally pass credentials(tgt) to server's memory.
Than this credentials can be passed to backend databases.

This would solve many current problems with ldap<->"external service" (such as
kerberos kadmin, oracle, etc..) authentication without required root(superuser)
access to services from the ldap server.

Any suggestions?

Konstantin.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Konstantin Kunshchikov, system programmer, Elbrus Inc, kvk@elbrus.ru

Follow-Ups:
- Re: Credentials forwarding
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: testing indexing in v2
Next by Date: Re: testing indexing in v2
Index(es):
- Chronological
- Thread