PADL Software Pty Ltd

PADL Software Pty Ltd

 

About PADL

Articles

Commercial Software

Contacting PADL

Documentation

Open Source Software

Partners

Purchasing

Research and Development

Technical Support


 

Kerberos Authentication Plugin (GSS-SASL)

Enterprises are deploying strong authentication systems such as DCE and Kerberos V to provide a scalable authentication infrastructure for their users. There is often a need to integrate these services with enterprise directories based on the Lightweight Directory Access Protocol (LDAP).

GSS-SASL is a plug-in module for Netscape's Directory Server that supports GSS-API (the Generic Security Service Application Program Interface) based SASL (Simple Authentication and Security Layer) authentication. This permits organizations to deploy authentication services which support GSS-API (such as Kerberos 5 or DCE) alongside Directory Server, whilst authenticating LDAP clients against their central authentication service.

The client component of GSS-SASL is available directly from Microsoft.

Key Benefits

  • Strong LDAP authentication using Kerberos V
  • Configurable authorization based on Kerberos principal name, distinguished name, and/or userid
  • Support for client-side integrity and privacy, interoperability with Windows 2000
  • Support for native iPlanet 5.0 plugin API
  • Server-side auto-discovery of GSS-API mechanisms as per draft-ietf-cat-sasl-gssapi-xx.txt
  • Support for simple authentication using PAM (this is implemented as a separate plugin and can be used to authenticate users who do not have a Kerberos ticket)

Release Notes are available here.

Requirements

  • Netscape Directory Server 3.x or 4.x or iPlanet Directory Server 5.0
  • Netscape or Mozilla LDAP C SDK
  • GSS-API library with Kerberos V support (eg. SEAM, DCE, Heimdal, MIT)

Availability

GSS-SASL is presently available only as source code, and is portable to any platform supported by the Sun ONE Directory Server. The reference platform for source code licensees is Solaris.

Please contact info@padl.com for more information. GSS-SASL is not available for HP-UX due to prior licensing arrangements with Hewlett Packard.


Home | Bugzilla

Copyright 1999-2014 PADL Software Pty Ltd ABN 16 085 895 585. All rights reserved.
PADL is a registered trademark of PADL Software Pty Ltd.