Secure Authentication: Kerberized LDAP
From SRCIT Public
Contents |
The SRCIT authentication system is built on MIT Kerberos and the OpenLDAP standards.
Kerberos
Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. It is also a suite of free software published by Massachusetts Institute of Technology (MIT) that implements this protocol. Its designers aimed primarily at a client-server model, and it provides mutual authentication — both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
From [Wikipedia]
LDAP
The Lightweight Directory Access Protocol, or LDAP, is an application protocol for querying and modifying directory services running over TCP/IP.
From [Wikipedia]
Implementation
Coming Soon.
Sources for Further Information
We have found the following publications useful in our implementation of LDAP and Kerberos:
- [Distributed Services with OpenAFS]: Franco Milicchio and Wolfgana A. Gehrke
