[JDEV] ldapv3 or kerberos mod for jabber server?
jsiegle at psu.edu
jsiegle at psu.edu
Fri Jan 11 07:54:33 CST 2002
On Thu, 10 Jan 2002, David C. McDowell wrote:
> jdev,
>
> I was curious if I could spark some interest in the development of a module
> for the Jabber Server that could authenticate to ldapv3, which I believe
>is ldap + kerberos authentication protocol, probably some other stuff I'm
>not aware of. I understand there is an xdb_ldap ? BUT, in an ldapv3
>implementation, it seems the userPassword property is not populated due
>to the fact that a separate kerberos database is kept for the
>passwords. This makes the ldap mod by itself ineffective. With
>connectios to the ldapv3, my thoughts on the goal would be to take away
>from Jabber's separate user db and use the ldap db of users as its
>userbase and place of authentication. I believe this is what happens
>with the ldap mod already available when connecting to a true ldap
>server? The problem then comes back to the authentication, which cannot
>occur in ldapv3 b/c of the kerberos password db.
Why not authenticate with your kerberos server? You should be able to just
do a mkreq from your client and a rdreq from the jabber server. If you
have questions about this approach, let me know. What version of kerberos
are you running? I should be able to contribute some code I
wrote(mod_auth_kerberos.c) for version V as soon as I clean it up.
>
> Ideas or thoughts? Thanks for you time!
>
> Dave
>
>
> David McDowell
> Network Administrator
> DynPro, Inc.
> 919.969.7076 x236
> http://www.dynpro.com
>
> ~~ "Kindness in another's trouble, courage in your own." ~~ Princess Diana
>
>
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
>
Jonathan Siegle Center for Academic Computing
jsiegle at psu.edu Penn State University
University Park, Pa 16802
More information about the JDev
mailing list