W3C home > Mailing lists > Public > www-lib@w3.org > April to June 2004

Re: Kerberos authentication in libwww?

From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 1 Jun 2004 13:25:16 +0200 (CEST)
To: www-lib@w3.org
Message-ID: <Pine.LNX.4.58.0406011322010.32182@linux3.contactor.se>

On Tue, 1 Jun 2004, Steinar Bang wrote:

> I've been looking at what libcurl does, in its Kerberos support.  From the
> code http_negotiate.c source file, it looks like it uses something called
> SPNEGO to handle the binary chunks.

SPNEGO apparently means "Simple and Protected GSS-API Negotiation Mechanism"
and is a Microsoft thing.

> I haven't yet figured out whether SPNEGO is an API, or just the name of a
> way of doing things.

I think it's a defined way to do the gss-api thing slightly differently.

> The modgssapache project[4], includes a library called fbopenssl, which has
> functions that matches the calls done from http_negotiate.c in libcurl.

libcurl relies on fbopenssl for SPNEGO support, yes, and on an external
library that provides a GSS-API (like Heimdal) for standard "GSS-Negotiation".

-- 
         -=- Daniel Stenberg -=- http://daniel.haxx.se -=-
  ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol
Received on Tuesday, 1 June 2004 07:28:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 23 April 2007 18:18:44 GMT