Re: SSO for GNOME desktop

From: Kala B <kalabalun gmail com>
To: gnome-devel-list gnome org
Cc: elanthis awesomeplay com
Subject: Re: SSO for GNOME desktop
Date: Tue, 8 Mar 2005 14:09:38 +0530

Hi,

Thanks a lot for your responses. Other than Kerberos for Single SignOn
- (SSO) , is there any other SSO solution possible ? I found that
there is a "gnome-keyring-daemon" for the GNOME desktop. But I could
not find many applications writing to the APIs provided by the same.
Is there a reason behind not using gnome-keyring? or is it there in
the roadmap?

Would existing applications like gaim start using the gnome-keyring
APIs or would it be good to have a proxy SSO application, which feeds
the credentials to an application like gaim?

Thanks & Regards
Kala B.





On Fri, 25 Feb 2005 09:29:26 -0500, Sean Middleditch
<elanthis awesomeplay com> wrote:
> 
> On Fri, 2005-02-25 at 15:46 +0530, Kala B wrote:
> >Hi,
> >If there is an SSO provider application on the gnome desktop, what are
> >the applications that typically would make use of this feature?
> >
> >It would be very helpful to get the community's opinion on this.
> >
> >Does gnome plan to have something like that? Is there already
> >something in that direction?
> 
> SSO as in Single Sign On?  Just use Kerberos.  Evolution supports GSSAPI
> (Kerberos) for SMTP, POP, and IMAP, Epiphany supports HTTP Negotiate
> (for Kerberos) for web sites (you need to set a setting in about:config
> though, which kinda sucks), SSH can use GSSAPI, and gnome-vfs also
> supports Negotiate (although you might need to apply the patch I put in
> Bugzilla to fix the Neon GSSAPI code to match Neon 0.25's code -
> http://bugzilla.gnome.org/show_bug.cgi?id=159663 ).
> 
> I have my entire home network running with single sign on, now.  The
> only things I'm missing are an IMAP server that supports GSSAPI (I've
> been looking at patching Dovecot, but I need to get familiar with
> programming GSSAPI first, to make sure I do it right and securely) and a
> Jabber server.  I could also get my SMB shares to use Kerberos, but now
> that I have SSO with my WebDAV server working, I'll probably axe Samba
> from the network entirely soon.
> 
> I have some recent blog postings as I actually just got Kerberos working
> for gnome-vfs and Exim  a few days ago - see
> http://blogs.awesomeplay.com/elanthis/
> 
> On the GNOME end, besides possibly patching gnome-vfs, you might want
> the gnome-kerberos package, which will automatically ask you to renew
> your Kerberos tickets when they get close to expiring.  Just setup PAM
> to have GDM authenticate using Kerberos, and you'll get the tickets and
> all that setup automatically during login.
> 
> >
> >Thanks & Regards
> >Kala B.
> >_______________________________________________
> >gnome-devel-list mailing list
> >gnome-devel-list gnome org
> >http://mail.gnome.org/mailman/listinfo/gnome-devel-list
> >
> --
> Sean Middleditch <elanthis awesomeplay com>
> 
> _______________________________________________
> gnome-devel-list mailing list
> gnome-devel-list gnome org
> http://mail.gnome.org/mailman/listinfo/gnome-devel-list
>

Follow-Ups:
- Re: SSO for GNOME desktop
  - From: Sean Middleditch

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]