Reputation: 2517
Kerberos via javascript or HTML 5
I have been tasked with setting up a server which uses a web based control interface using kerberos and active directory for authentication. I am using twisted.web as the web server. The issue is that I do not want user passwords coming through this server, but I don't know if it is possible for firefox and chrome to get access keys from the kerberos key server. Specifically it must work with firefox, other browsers would be a bonus. Is there a javascript library, possibly using HTML5 or a firefox plugin that allows for authentication to an untrusted server using kerberos? A flash application might also be possible.
Upvotes: 12
Views: 4406
Answers (1)
Reputation: 1379
Maybe you could through a reverse proxy in front of twisted and use http auth from the web app and delegate authentication itself to Kerberos via an apache or nginx module.
While the proxy will receive the password, the twisted server won't, in line with your use case. Requests would be intercepted by the proxy and delegated to your back end (proxy_pass) following a successful authentication.
This way your solution would work independently from any http client/web browser.
Upvotes: 1
Related Questions
- Windows Kerberos Authentication for Google Chrome and Edge
- End-to-end kerberos delegated authentication in ASP.NET
- kerberos authentication over ldap
- Asp.net and Kerberos Authentication
- IIS: Using Kerberos with client computers that are not on the domain
- ASP.NET Always include Kerberos authentication in client response
- Kerberos Credential Delegation
- kerberos in asp.net
- Kerberos username using javascript
- Using Kerberos & LDAP