samba winbind + waffle: bringing SSO to humans

Andrew Bartlett abartlet at
Thu Oct 28 14:08:11 MDT 2010

On Thu, 2010-10-28 at 11:53 -0400, dB. wrote:
> Thanks Andrew, it's fair.
> You're on the right track with SSPI-level functionality. I am not very familiar with Samba, but I am sure you're looking at Windows APIs as one of possible models. That would be ideal for us.

The API modal already exists (GENSEC), but it's in a library that is
easily exposed or licensed in a way that your project or WINE can easily

A wholesale reticence isn't under consideration, but there is a feeling
that we should provide something with the same kind of abstraction that
ntlm_auth provides, without the trouble of a fork()ed child.  In the
meantime, ntlm_auth is the API we can provide, right now, and is what I
suggest you code against and ask for extensions too. 

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list