Re: [Perlgssapi-users] naive question related to Single-Sign-On on windows
Brought to you by:
achimgrolms
From: Achim G. <ac...@gr...> - 2011-08-06 10:46:15
|
Hi Karl, On Friday 05 August 2011, Karl Forner wrote: > Hello, > > I' d like to implement an intranet web app using perl and the server-side > (but no Apache server) and windows client using either firefox or IE. > I' ve read some documents about SPNEGO but I do not know where to start: > > - I am not an admin of the the windows domain, I do not even know how to > find out which is the pdc, bcd, kdc etc... Nevertheless you need admin-access to the DC to create the required SPNs, see <http://www.grolmsnet.de/kerbtut/>. > - the server is running on a linux computer on which I am not root > either. Unless you try to bind your Service to a port < 1024 this can work. > - First question: is-ti feasible ? I suppose so, years ago I've written a POP3 server using Perl and GSSAPI. > - second one: where do I start ? 1. Read <http://www.grolmsnet.de/kerbtut/>, I've tried to describe the concepts. 2. Read the sources of mod_auth_kerb as an example how this can be implemented for HTTP-based communication. Best Regards, Achim |