RE: [Fed-Talk] SmartCard Login
RE: [Fed-Talk] SmartCard Login
- Subject: RE: [Fed-Talk] SmartCard Login
- From: Alan Stepakoff <email@hidden>
- Date: Thu, 16 Feb 2006 20:32:38 -0800
It is my understanding that the current Heimdal can use the MIT memory cache.
Add the following line to the /library/preferences/edu.mit.kerberos
[libdefaults]
default_cc_name = API:
This will enable Heimdal to use the MIT credential management API to
store tickets. MIT will ignore it.
At 12:53 PM -0700 2/7/06, Nebergall, Christopher wrote:
You could write a program linked against Mac's MIT Kerberos which read
in credentials from a file based cache (created from Heimdal) and write
them back out into the memory based cache used by all of the Mac apps
and run this app after login. Then all apps should work.
-Christopher
-----Original Message-----
From: fed-talk-bounces+cneberg=email@hidden
[mailto:fed-talk-bounces+cneberg=email@hidden] On Behalf
Of Timothy J. Miller
Sent: Tuesday, February 07, 2006 11:53 AM
To: Brian Raymond
Cc: email@hidden
Subject: Re: [Fed-Talk] SmartCard Login
Brian Raymond wrote:
We had a similar discussion a couple of months ago on the list and at
that time I provided some possibilities given PAM, Windows 2000(2003),
Heimdal's implementations of PKINIT. You might be able to wire it up
on your own,
Unlikely, since OS X is built on MIT Kerberos. Yes, you might possibly
get PKINIT working, but the rest of your OS X apps wouldn't be able to
leverage the tickets without at least relinking to (and more likely
porting to) Heimdal.
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden