I know this is a later response, but better late than never.
Strictly and technically speaking, your Kerberos JAAS realm is weakening the intense security offered by Kerberos.
Depending on the real risk of a username and password release, this may be acceptable if the exchange only happens over HTTPS and your server/code is well hardened/protected against attack. Consider what other resources the credentials are protecting and the risk associated with a compromise of those resources as well.
--David P.

Douglas Reeder wrote:

After some effort, I've managed to set up a JAASRealm that draws its account information from our Kerberos server (Krb5LoginModule, connecting to Open Directory on OS X Server 10.3.9).

One of the key security properties of Kerberos is that passwords are never sent over the network, even in encrypted form. However, since users interact with Tomcat using HTTP, I think passwords are sent in the clear if using Basic authentication, and encrypted if using Digest authentication. In either case, it would appear that I'm not preserving the level of security I had with the Kerberos setup before.

So, would it make more sense to use account information from our Linux machine (JAASRealm with UnixLoginModule), since that is sent over the network in encrypted form when users login via ssh? Is Digest authentication about as secure as SSH? If not, what's the easiest kind of Realm to set up which stores passwords in an encrypted form, for a half dozen users? (UserDatabaseRealm is right out.)

Doug Reeder
Cognitive & Systematic Musicology Lab
OSU School of Music

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
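To make the Basic-versus-Digest point in the thread concrete, here is an added Python example (not code from either poster or from Tomcat) that builds the two Authorization values a browser would send and shows what a passive observer of plain HTTP learns from each; the user name, password, realm and nonce are constructed sample values.

```python
import base64
import hashlib
import secrets

# Constructed sample credentials for the demonstration (not real accounts).
USER, PASSWORD, REALM = "doug", "correct horse battery", "Tomcat"

def basic_header(user: str, password: str) -> str:
    """Authorization header a browser sends for HTTP Basic auth (RFC 2617)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return f"Basic {token}"

def basic_observed(header: str) -> tuple:
    """What an observer of plain HTTP recovers from a Basic header:
    base64 is an encoding, not encryption, so the password itself."""
    user, _, password = base64.b64decode(header.split(" ", 1)[1]).decode().partition(":")
    return user, password

def digest_ha1(user: str, realm: str, password: str) -> str:
    """HA1 = MD5(user:realm:password). A Digest-capable realm can store this
    instead of the cleartext password, which is the 'encrypted form' a
    Tomcat realm needs to support Digest auth."""
    return hashlib.md5(f"{user}:{realm}:{password}".encode()).hexdigest()

def digest_response(ha1: str, nonce: str, method: str = "GET", uri: str = "/") -> str:
    """Client-side Digest response (RFC 2617, no qop): MD5(HA1:nonce:HA2).
    Only this hash crosses the wire, never the password."""
    ha2 = hashlib.md5(f"{method}:{uri}".encode()).hexdigest()
    return hashlib.md5(f"{ha1}:{nonce}:{ha2}".encode()).hexdigest()

def server_verify(stored_ha1: str, nonce: str, response: str,
                  method: str = "GET", uri: str = "/") -> bool:
    """Server-side check using only the stored HA1 and the nonce it issued.
    Caveat: whoever saw nonce and response can run this same test against
    password guesses offline, so Digest protects the password from direct
    reading but not from guessing; that is the gap relative to Kerberos/SSH."""
    return secrets.compare_digest(digest_response(stored_ha1, nonce, method, uri), response)

if __name__ == "__main__":
    hdr = basic_header(USER, PASSWORD)
    print("Basic on the wire:", hdr, "-> observer recovers:", basic_observed(hdr))
    nonce = secrets.token_hex(16)          # server-issued challenge nonce
    ha1 = digest_ha1(USER, REALM, PASSWORD)
    resp = digest_response(ha1, nonce)
    print("Digest on the wire:", resp, "-> contains password:", PASSWORD in resp)
    print("Server verifies with stored HA1:", server_verify(ha1, nonce, resp))
```

Running it over the sample values shows the Basic header decoding straight back to the password, while the Digest exchange exposes only a nonce-bound MD5 that the server checks against its stored HA1.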