samba winbind + waffle: bringing SSO to humans

Andrew Bartlett abartlet at
Thu Oct 28 14:19:59 MDT 2010

On Fri, 2010-10-29 at 07:08 +1100, Andrew Bartlett wrote:
> On Thu, 2010-10-28 at 11:53 -0400, dB. wrote:
> > Thanks Andrew, it's fair.
> > 
> > You're on the right track with SSPI-level functionality. I am not very familiar with Samba, but I am sure you're looking at Windows APIs as one of possible models. That would be ideal for us.
> The API modal already exists (GENSEC), but it's in a library that is
> easily exposed or licensed in a way that your project or WINE can easily
> use.  
> A wholesale reticence 

err, re-licence (sorry)

> isn't under consideration, but there is a feeling
> that we should provide something with the same kind of abstraction that
> ntlm_auth provides, without the trouble of a fork()ed child.  In the
> meantime, ntlm_auth is the API we can provide, right now, and is what I
> suggest you code against and ask for extensions too. 
> Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list