f



Kerberos Administration Protocol

Hi,

I'm looking for an open source Java implementation for the Kerberos
administration protocol, for changing password, getprinc,
delete_principal and so on. The main goals for kadmin, for
the MIT implementation.

Are there any libraries?

If no, I would try to do an adHoc implementation. Are there
documents? The only draft that I can see is

http://tools.ietf.org/html/draft-ietf-cat-kerb-chg-password-00

Thanks,


        Massimiliano
0
max3599 (2)
6/2/2009 1:28:32 PM
comp.protocols.kerberos 5541 articles. 1 followers. jwinius (31) is leader. Post Follow

2 Replies
1169 Views

Similar Articles

[PageSpeed] 31

> Date:    Tue, 02 Jun 2009 15:28:32 +0200
> To:      kerberos@mit.edu
> From:    "max@mascanc.net" <max@mascanc.net>
> Subject: Kerberos Administration Protocol
> 
> Hi,
> 
> I'm looking for an open source Java implementation for the Kerberos
> administration protocol, for changing password, getprinc,
> delete_principal and so on. The main goals for kadmin, for
> the MIT implementation.
> 
> Are there any libraries?
> 
> If no, I would try to do an adHoc implementation. Are there
> documents? The only draft that I can see is
> 
> http://tools.ietf.org/html/draft-ietf-cat-kerb-chg-password-00
> 
> Thanks,
> 
> 
>         Massimiliano

As it happens, I do have something that might be the start at this.
It could stand a bit more "polishing" before being released,
and at the moment, it's not on our priority list.  If this is
something of interest to you, we should certainly talk.
You won't be at afsbpw 2009, by any chance?

What I have does:
	chpass
	chrand
	createpolicy
	create
	deletepolicy
	deleteprinc
	getpolicies
	getpolicy
	getprinc
	getprincs
	modifypolicy
	modifyprincipal
	renameprinc
	setkeyprincipal

It's mostly java code, including most of the xdr to implement
the above.  Some basic stuff is in C / JNI - including gssapi
proper.  At one point I thought I had located a suitable open source
java implementation of sun rpc - I hope it still exists.
Implementing rpcsec-gss on top of it may not be simple.

					-Marcus Watts
0
mdw7111 (62)
6/2/2009 4:03:08 PM
Hi,

Marcus Watts ha scritto:
> As it happens, I do have something that might be the start at this.
> It could stand a bit more "polishing" before being released,
> and at the moment, it's not on our priority list.  If this is
> something of interest to you, we should certainly talk.

Yes of course. It seems to be interesting.

I saw yesterday that Quest software is selling
java code for Kerberos Administration.

But there is no draft for the protocol?

> You won't be at afsbpw 2009, by any chance?

Yes, Mr. Alberto Mancini is there, I'll not participate.
He is part of the project.
0
max3599 (2)
6/3/2009 9:58:07 AM
Reply: