Difference between revisions of "uaCap:TokenKerberos"

From UaCapabilities
Jump to: navigation, search
(Created page with "{{CapabilityUri|/Security/UserToken/Kerberos}} '''Description''' <br>Enable user access by means of Kerberos ticket. '''Usage Considerations''' * Requires a trusted third pa...")
 
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
{{CapabilityUri|/Security/UserToken/Kerberos}}
 
{{CapabilityUri|/Security/UserToken/Kerberos}}
 
 
'''Description'''
 
'''Description'''
<br>Enable user access by means of Kerberos ticket.
+
<br>Enable user authentication by means of Kerberos tickets.
  
 
'''Usage Considerations'''
 
'''Usage Considerations'''
 
* Requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.
 
* Requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.
 
* Kerberos protocol messages are protected against eavesdropping and replay attacks.
 
* Kerberos protocol messages are protected against eavesdropping and replay attacks.
* Kerberos is the default authentication method for Windows.
+
* Kerberos is the default authentication method for Windows and also available on most Linux platforms.
  
{{uaConformance|TBD <!-- Client -->|
+
{{uaConformance|
TBD <!-- Server -->
+
[http://opcfoundation.org/UA-Profile/Security/UserToken-Client/Kerberos '''Use of Kerberos tickets to identify the Client user''']
<!-- Example
+
|
* [http://opcfoundation.org/UA-Profile/Server/GlobalCertificateManagement '''Global Certificate Management Server Profile''']
+
[http://opcfoundation.org/UA-Profile/Security/UserToken-Server/Kerberos '''Use of Kerberos tickets to authenticate a user''']
* [http://opcfoundation.org/UA-Profile/Client/GlobalCertificateManagement '''Global Certificate Management Client Profile''']
+
-->
+
 
}}
 
}}

Latest revision as of 12:51, 10 February 2015

URN:          https://opcfoundation.org/wiki/index.php/Security/UserToken/Kerberos

Description
Enable user authentication by means of Kerberos tickets.

Usage Considerations

  • Requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.
  • Kerberos protocol messages are protected against eavesdropping and replay attacks.
  • Kerberos is the default authentication method for Windows and also available on most Linux platforms.

Conformance Testing

Client Server

Use of Kerberos tickets to identify the Client user

Use of Kerberos tickets to authenticate a user