Kerberos and Coldfusion - Kerberos

This is a discussion on Kerberos and Coldfusion - Kerberos ; I am a student programmer for Michigan State's business college. I have been asked to implement the university's Kerberos system with our website. However, the rest of the college is programmed using PHP and I am using coldfusion, so I ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Kerberos and Coldfusion

  1. Kerberos and Coldfusion

    I am a student programmer for Michigan State's business college.

    I have been asked to implement the university's Kerberos system with our
    website. However, the rest of the college is programmed using PHP and I
    am using coldfusion, so I have no examples to work from.



    Can you offer me any help on how to do this? Macromedia's website has
    offered little help.



    Eric Puidokas

    Web Programmer

    Eli Broad College of Business

    puidokas@bus.msu.edu



    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  2. Re: Kerberos and Coldfusion

    On Wed, 1 Jun 2005, Puidokas, Eric wrote:

    > I am a student programmer for Michigan State's business college.
    >
    > I have been asked to implement the university's Kerberos system with our
    > website. However, the rest of the college is programmed using PHP and I
    > am using coldfusion, so I have no examples to work from.


    Getting and manipulating Kerberos tickets from within Cold Fusion is
    probably a mistake, unless you need your Cold Fusion application to
    access Kerberos-authenticated resources (such as file servers
    or email servers) on behalf of the end user -- this can be quite
    complicated.

    If you instead just need to verify the user's identity for use
    within your own Cold Fusion application, then I'd suggest letting
    the web server handle all of the Kerberos authentication for
    your application. If you SSL protect your application (or just
    certain pages) and require authentication then the web server
    will ensure that the user is properly authenticated before your
    Cold Fusion code is run.

    I am not familiar with Microsoft IIS (maybe someone else can
    provide assistance if that is what you are using), but if you
    are running your Cold Fusion code under Apache then you
    might want to look at mod_auth_gss_krb5 (available
    at http://modgssapache.sourceforge.net/) or mod_auth_kerb
    (available at http://modauthkerb.sourceforge.net/)

    I hope this helps.

    Mark Montague
    LS&A Information Technology
    The University of Michigan
    markmont@umich.edu

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


+ Reply to Thread