W3C home > Mailing lists > Public > www-talk@w3.org > March to April 1999

Re: User credential passing standard

From: Neil Gulati <ngulati@scu.edu.au>
Date: Mon, 26 Apr 1999 19:52:38 -0400 (EDT)
Message-Id: <199904262352.JAA27522@cyclops.scu.edu.au>
To: www-talk@w3.org
www-talk-d Digest				Volume 99 : Issue 12
Re: User credential passing standard

No doubt I am showing my ignorance, so tell me to shut up if I am just butting in, but surely 
kerberos offers a SSO credential passing system that is extendable accross domains? All you 
need is a cookie naming convention so clients can cache their credentials from any particular 
server on a known cookie on their own machine?


>   You didn't mention if the servers are in the same Domain.  If they are then
> using a combination of Domain cookies and a common authentication server to
> your
> servers would probably do the trick.  Digest authentication is better but
> as people have already stated, it ain't there yet.  Are you worried about
> session timouts, single signon, access control and simplified administration?
> You might want to look at a commercial SSO system for web servers.

I am developing a commercial SSO system of sorts. I just want to plan for
some level of interopability.

And I guess the servers I have in mind are in the same domain. But I would
think that the user credential "data" would be the same in either case. I
am less interested in "how" this data would be passed in these two cases.

Neil (Anil) Gulati

Unix Systems
Information Technology Directorate
Southern Cross University
Northern Rivers NSW Australia
Received on Tuesday, 27 April 1999 14:05:28 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:33:01 UTC