Re: SSO for GNOME desktop
- From: Sean Middleditch <elanthis awesomeplay com>
- To: Kala B <kalabalun gmail com>
- Cc: gnome-devel-list gnome org
- Subject: Re: SSO for GNOME desktop
- Date: Tue, 08 Mar 2005 09:08:52 -0500
On Tue, 2005-03-08 at 14:09 +0530, Kala B wrote:
> Hi,
>
> Thanks a lot for your responses. Other than Kerberos for Single SignOn
> - (SSO) , is there any other SSO solution possible ? I found that
> there is a "gnome-keyring-daemon" for the GNOME desktop. But I could
> not find many applications writing to the APIs provided by the same.
> Is there a reason behind not using gnome-keyring? or is it there in
> the roadmap?
It's just really new. It's also a GNOME component, so there is
basically little to no chance of any non-GNOME applications ever using
it.
>
> Would existing applications like gaim start using the gnome-keyring
> APIs or would it be good to have a proxy SSO application, which feeds
> the credentials to an application like gaim?
You might be able to make a gaim plugin for it.
>
> Thanks & Regards
> Kala B.
>
>
>
>
>
> On Fri, 25 Feb 2005 09:29:26 -0500, Sean Middleditch
> <elanthis awesomeplay com> wrote:
> >
> > On Fri, 2005-02-25 at 15:46 +0530, Kala B wrote:
> > >Hi,
> > >If there is an SSO provider application on the gnome desktop, what are
> > >the applications that typically would make use of this feature?
> > >
> > >It would be very helpful to get the community's opinion on this.
> > >
> > >Does gnome plan to have something like that? Is there already
> > >something in that direction?
> >
> > SSO as in Single Sign On? Just use Kerberos. Evolution supports GSSAPI
> > (Kerberos) for SMTP, POP, and IMAP, Epiphany supports HTTP Negotiate
> > (for Kerberos) for web sites (you need to set a setting in about:config
> > though, which kinda sucks), SSH can use GSSAPI, and gnome-vfs also
> > supports Negotiate (although you might need to apply the patch I put in
> > Bugzilla to fix the Neon GSSAPI code to match Neon 0.25's code -
> > http://bugzilla.gnome.org/show_bug.cgi?id=159663 ).
> >
> > I have my entire home network running with single sign on, now. The
> > only things I'm missing are an IMAP server that supports GSSAPI (I've
> > been looking at patching Dovecot, but I need to get familiar with
> > programming GSSAPI first, to make sure I do it right and securely) and a
> > Jabber server. I could also get my SMB shares to use Kerberos, but now
> > that I have SSO with my WebDAV server working, I'll probably axe Samba
> > from the network entirely soon.
> >
> > I have some recent blog postings as I actually just got Kerberos working
> > for gnome-vfs and Exim a few days ago - see
> > http://blogs.awesomeplay.com/elanthis/
> >
> > On the GNOME end, besides possibly patching gnome-vfs, you might want
> > the gnome-kerberos package, which will automatically ask you to renew
> > your Kerberos tickets when they get close to expiring. Just setup PAM
> > to have GDM authenticate using Kerberos, and you'll get the tickets and
> > all that setup automatically during login.
> >
> > >
> > >Thanks & Regards
> > >Kala B.
> > >_______________________________________________
> > >gnome-devel-list mailing list
> > >gnome-devel-list gnome org
> > >http://mail.gnome.org/mailman/listinfo/gnome-devel-list
> > >
> > --
> > Sean Middleditch <elanthis awesomeplay com>
> >
> > _______________________________________________
> > gnome-devel-list mailing list
> > gnome-devel-list gnome org
> > http://mail.gnome.org/mailman/listinfo/gnome-devel-list
> >
>
--
Sean Middleditch <elanthis awesomeplay com>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]