Samba4 and Heimdal Kerberos dependencies
Andrew Bartlett
abartlet at samba.org
Wed Feb 9 21:02:52 GMT 2005
On Wed, 2005-02-09 at 10:14 +1100, Luke Howard wrote:
> >While GSSAPI is common between many implementations, we also need access
> >to functions added to Heimdal by PADL, for their AD implementation (such
> >as gsskrb5_extract_authz_data_from_sec_context()). This example allows
> >us, as a server, to extract the PAC from an incoming request, without
> >needing to separately parse the GSSAPI wrapping.
>
> Also, we contributed a port of the MIT mechanism glue, it is currently
> sitting in a branch pending integration. This allows you to dynamically
> load different security mechanisms.
This is one of the things I look forward to most, and I thank PADL for
contributing. Alongside the SPNEGO implementation in Heimdal, this
should be a powerful combination.
I do thank PADL for the work they have done on Heimdal - I'm very glad
we can take this 'real work' (rather than just plans or ideas) and use
it, and hope that just as we leverage PADL's work in this area now, that
our contributions back may be likewise leveraged in PADL's products in
future. (And hopefully contribute an even-more-useful, stronger
kerberos infrastructure to the whole community).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050210/f2f27a6f/attachment.bin
More information about the samba-technical
mailing list