Is anyone else interested in using LDAP for authentication, or would
like to see this implemented?
On a related question - is Kerberos likely going to work with GSI in the
near future?
Thanks!
-Pauline.
--
Pauline Mak
Assistant Manager, ARCS Data Services
Ph: +61 3 6226 7518
Mob: +61 411 638 196
Email: pauli...@arcs.org.au
Jabber: pauli...@arcs.org.au
Calendar: http://tinyurl.com/pmak-arcs-calendar
http://www.arcs.org.au/
TPAC
Email: pauli...@utas.edu.au
http://www.tpac.org.au/
we'll appreciate, if LDAP authentication is being implemented with iRODS.
Best regards
Andreas
On Thu, 22 Oct 2009, Pauline Mak <pauli...@arcs.org.au> wrote:
> Is anyone else interested in using LDAP for authentication, or would
> like to see this implemented?
>
> On a related question - is Kerberos likely going to work with GSI in the
> near future?
>
> Thanks!
>
> -Pauline.
>
>
--
Andreas Landhäußer +49 151 12133027 (mobile)
alan...@gmx.de
schr...@diceresearch.org wrote:
> Folks,
>
> It looks like there are a few sites interested in running Kerberos and
> GSI at the same time, so I'll try to integrate Roger's extensions for
> that for the next release (thanks Roger). I've updated our RoadMap page
> to reflect this.
>
That's great news :) I'm wrestling with whether to go down the path of
supporting LDAP or whether to stay with Kerberos right now... It has a
huge implication for our entire authentication infrastructure, not just
for iRODS alone, but also other applications we support too.
> For LDAP support, there seem to be a couple of sites interested and I
> expect we may be able to support that someday, but I don't think we will
> have time to add it for the next release. A number of projects that
> have come up recently fall into my areas, and I believe my time is now
> over-booked (see the ICAT and authentication projects on the RoadMap).
> But if someone could provide me with example 'C' code that handles the
> LDAP authentication, client and server, that would build and run on our
> supported platforms, that would help.
>
Yeap - no dramas. Thanks for all the fantastic work thus far!
Unfortunately, we don't have the resource either... :/
One option is to use PAM, which would make authentication extensible
(while maintain the Kerberos support) I'm not sure what the status is
for Windows is though (there's pGINA), but it's certainly well supported
by Linux and Macs.
Cheers,