RE: form based auth using kerberos ?
- From: m1r4cle_26@xxxxxxxxx
- To: exchangelist@xxxxxxxxxxxxx
- Date: Tue, 31 Aug 2004 05:52:26 -0600
> You would need a front-end/back-end solution IIRC. The use of Kerberos
> authentication occurs after you set integrated authentication, but you can't
> do that for the anonymous users on the internet. Hence, clear-text auth is
> usually recommended.
Yes, I agree. I have to use basic authentication with SSL enabled between
browser and exchange.
> Have you checked out some of the docs on
> http://www.microsoft.com/exchange/library for some additional deployment
> suggestions for this scenario?
As suggested, I have read some docs in the microsoft library.
Kerberos auth is used by front-end to send user cred to back-end to get
the mailbox, but front end still needs to authenticate user to AD, and so
does back end. so the flow will be:
front end -- ? --> AD
front end -- kerberos --> back end
back end -- ? --> AD
(based on article:
http://www.winnetmag.com/Article/ArticleID/40371/40371.html)
From the net, I can only know that RPC call is used for communication from
front end to AD. But how does the user authentication process work
actually ?
I'm still clueless about the "? protocol" used here. What is the default ?
Can I use kerberos ?
So if my understanding is right, even using FE/BE won't guarantee that I
can authenticate users using kerberos, right ?
If kerberos can't work with form based auth, what about non form-based
auth, can exchange uses kerberos to authenticate user to AD ?
once again, thanks for your help
lara
Other related posts:
