samba winbind + waffle: bringing SSO to humans
Andrew Bartlett
abartlet at samba.org
Thu Oct 28 14:08:11 MDT 2010
On Thu, 2010-10-28 at 11:53 -0400, dB. wrote:
> Thanks Andrew, it's fair.
>
> You're on the right track with SSPI-level functionality. I am not very familiar with Samba, but I am sure you're looking at Windows APIs as one of possible models. That would be ideal for us.
The API modal already exists (GENSEC), but it's in a library that is
easily exposed or licensed in a way that your project or WINE can easily
use.
A wholesale reticence isn't under consideration, but there is a feeling
that we should provide something with the same kind of abstraction that
ntlm_auth provides, without the trouble of a fork()ed child. In the
meantime, ntlm_auth is the API we can provide, right now, and is what I
suggest you code against and ask for extensions too.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20101029/f4ba866a/attachment.pgp>
More information about the samba-technical
mailing list