Stanford s WebAuth

September 25th, 2007

Last nice I came across Stanford's WebAuth site again, and this time took a second look at it. Couple of things I noticed:

  • Interfaces with Kerberos or Shibboleth (actually I think Kerberos might be needed on both)
  • Reminds me somewhat of OpenID - one "server" required, many "clients"
  • Uses cookies for "single sign-on" capabilities
  • Hooks / modules exist for Apache, LDAP, Cyrus SASL, and CURL

Questions to answer:

  • Do the "client sites" that hook back into the WebKDC need to networked to each other?
  • What does KDC stand for?

I use Cyrus SASL in my mail servers, and CURL in some of my PHP implementations, and I defintely use Apache all the time in many instances. I've experimented with LDAP and would love to get it more integrated with our operations, but I just haven't gotten a firm enough grasp of it. And from the community side, it seems to have solid but slightly waning support as a protocol - its respected but not widely popular. Why is that I wonder? Am I missing something?

Yearly Indexes: 2003 2004 2006 2007 2008 2009 2010 2011 2012 2013 2015 2019 2020