Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.
This post describes how to set up OpenStack Keystone with external authentication - Kerberos with OpenLDAP backend. The post also contains results of the research about using Kerberos not just for authentication but also for authorization by storing additional data (like groups, roles, etc.) in Kerberos ticket.
This post describes how to set up following configuration:
Monday, May 23, 2016
Friday, May 20, 2016
In this post we walk the reader through the following configuration:
- Keystone as Service Provider (with Shibboleth Apache Module)
- AD FS as Identity Provider
- Active Directory as storage for users