Re: SSO for GNOME desktop


Thanks a lot for your responses. Other than Kerberos for Single SignOn
- (SSO) , is there any other SSO solution possible ? I found that
there is a "gnome-keyring-daemon" for the GNOME desktop. But I could
not find many applications writing to the APIs provided by the same.
Is there a reason behind not using gnome-keyring? or is it there in
the roadmap?

Would existing applications like gaim start using the gnome-keyring
APIs or would it be good to have a proxy SSO application, which feeds
the credentials to an application like gaim?

Thanks & Regards
Kala B.

On Fri, 25 Feb 2005 09:29:26 -0500, Sean Middleditch
<elanthis awesomeplay com> wrote:
> On Fri, 2005-02-25 at 15:46 +0530, Kala B wrote:
> >Hi,
> >If there is an SSO provider application on the gnome desktop, what are
> >the applications that typically would make use of this feature?
> >
> >It would be very helpful to get the community's opinion on this.
> >
> >Does gnome plan to have something like that? Is there already
> >something in that direction?
> SSO as in Single Sign On?  Just use Kerberos.  Evolution supports GSSAPI
> (Kerberos) for SMTP, POP, and IMAP, Epiphany supports HTTP Negotiate
> (for Kerberos) for web sites (you need to set a setting in about:config
> though, which kinda sucks), SSH can use GSSAPI, and gnome-vfs also
> supports Negotiate (although you might need to apply the patch I put in
> Bugzilla to fix the Neon GSSAPI code to match Neon 0.25's code -
> ).
> I have my entire home network running with single sign on, now.  The
> only things I'm missing are an IMAP server that supports GSSAPI (I've
> been looking at patching Dovecot, but I need to get familiar with
> programming GSSAPI first, to make sure I do it right and securely) and a
> Jabber server.  I could also get my SMB shares to use Kerberos, but now
> that I have SSO with my WebDAV server working, I'll probably axe Samba
> from the network entirely soon.
> I have some recent blog postings as I actually just got Kerberos working
> for gnome-vfs and Exim  a few days ago - see
> On the GNOME end, besides possibly patching gnome-vfs, you might want
> the gnome-kerberos package, which will automatically ask you to renew
> your Kerberos tickets when they get close to expiring.  Just setup PAM
> to have GDM authenticate using Kerberos, and you'll get the tickets and
> all that setup automatically during login.
> >
> >Thanks & Regards
> >Kala B.
> >_______________________________________________
> >gnome-devel-list mailing list
> >gnome-devel-list gnome org
> >
> >
> --
> Sean Middleditch <elanthis awesomeplay com>
> _______________________________________________
> gnome-devel-list mailing list
> gnome-devel-list gnome org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]