drankye / haox Goto Github PK
View Code? Open in Web Editor NEWA Kerberos implementation in Java
License: Apache License 2.0
A Kerberos implementation in Java
License: Apache License 2.0
This is to implement the pre-authentication/FAST framework.
This is to refactor not-so-commons-ssl library and replace the asn1 parser with haox-asn1.
This is to implement the Access Token profile based on the TokenPreauth pre-authentication mechanism defined in the draft. Ref. docs/Accesstoken-profile.pdf
Haox-event already supports mix of TCP and UDP together in a server. Based on it, this will allow KDC to bind and process requests from TCP and UDP ports.
With the mix support of TCP and UDP provided by haox-event, this is to allow KrbClient to support the both protocols with TCP being tried first.
This is going to implement the cross-realm support.
This is to refactor not-so-commons-ssl library and get rid of external dependencies for the core parts.
Enhance KrbClient to respect krb5.conf file to make it easy.
This is to implement PKINIT pre-authentication mechanism.
This is going to implement an Ldap identity backend for Haox KDC server. The Ldap server can be standalone or embedded.
Credential cache utility needs to be updated to support latest cache file format. It's necessary because KrbClient needs to use the feature to store temporary negotiation data for a preauth mechanism.
This is to implement TokenPreauth pre-authentication mechanism defined in token-preauth draft. Ref. docs/token-preauth.pdf
This is going to support INIT configuration file format. Below is a sample (krb5.conf):
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
For above sample, we can have:
Conf conf = ...
conf.addIniConfig("/etc/krb5.conf");
conf.getString("default_realm") == "EXAMPLE.COM";
Config config = conf.getConfig("libdefaults");
config.getBoolean("forwardable") == true
...
Based on it, it will be easy to support MIT Kerberos configurations like krb5.conf and kdc.conf.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.