Re: SSO for GNOME desktop

On Fri, 2005-02-25 at 15:46 +0530, Kala B wrote:
>If there is an SSO provider application on the gnome desktop, what are
>the applications that typically would make use of this feature?
>It would be very helpful to get the community's opinion on this. 
>Does gnome plan to have something like that? Is there already
>something in that direction?

SSO as in Single Sign On?  Just use Kerberos.  Evolution supports GSSAPI
(Kerberos) for SMTP, POP, and IMAP, Epiphany supports HTTP Negotiate
(for Kerberos) for web sites (you need to set a setting in about:config
though, which kinda sucks), SSH can use GSSAPI, and gnome-vfs also
supports Negotiate (although you might need to apply the patch I put in
Bugzilla to fix the Neon GSSAPI code to match Neon 0.25's code - ).

I have my entire home network running with single sign on, now.  The
only things I'm missing are an IMAP server that supports GSSAPI (I've
been looking at patching Dovecot, but I need to get familiar with
programming GSSAPI first, to make sure I do it right and securely) and a
Jabber server.  I could also get my SMB shares to use Kerberos, but now
that I have SSO with my WebDAV server working, I'll probably axe Samba
from the network entirely soon.

I have some recent blog postings as I actually just got Kerberos working
for gnome-vfs and Exim  a few days ago - see

On the GNOME end, besides possibly patching gnome-vfs, you might want
the gnome-kerberos package, which will automatically ask you to renew
your Kerberos tickets when they get close to expiring.  Just setup PAM
to have GDM authenticate using Kerberos, and you'll get the tickets and
all that setup automatically during login.

>Thanks & Regards
>Kala B.
>gnome-devel-list mailing list
>gnome-devel-list gnome org
Sean Middleditch <elanthis awesomeplay com>

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]