Kerberos is cool

The last few weeks I have been working on a single sign on/Kerberos project.
For anyone for whom either of those term is new, here is some food for thought. Windoze, Linux, Mac OS X (10.4), Firefox, IE, Apache, ssh… has, in the past 10 years been Kerberised. Rather than Microsoft’s Embrace Extend Annihilate being the death knell for Kerberos, their endorsement legitimised it.
Add in SPNEGO, another M$ innocation, which added browsers into single sign on, and here we are. Much of everything we need is Kerberised. An overnight success which took a decade. It is a very good time to adopt Kerberos.
Over the next little while I intend creating a Kerberos/Glassfish HOWTO, showing how to add a Glassfish security realm to a Kerberos realm. If you look in your JAVA_HOME/bin directory, you will see kinit and klist, Yes Java was Kerberised in 1.4.2. There is a Kerberos Login Config: com.sun.security.auth.module.Krb5LoginModule

By Greg Luck

As Terracotta’s CTO, Greg (@gregrluck) is entrusted with understanding market and technology forces and the business drivers that impact Terracotta’s product innovation and customer success. He helps shape company and technology strategy and designs many of the features in Terracotta’s products. Greg came to Terracotta on the acquisition of the popular caching project Ehcache which he founded in 2003. Prior to joining Terracotta, Greg served as Chief Architect at Australian online travel giant Wotif.com. He also served as a lead consultant for ThoughtWorks on accounts in the United States and Australia, was CIO at Virgin Blue, Tempo Services, Stamford Hotels and Resorts and Australian Resorts and spent seven years as a Chartered Accountant in KPMG’s small business and insolvency divisions. He is a regular speaker at conferences and contributor of articles to the technical press.

View all of Greg Luck's posts.