Difference between revisions of "uaCap:TokenKerberos"

From UaCapabilities
Jump to: navigation, search
Line 1: Line 1:
 
{{CapabilityUri|/Security/UserToken/Kerberos}}
 
{{CapabilityUri|/Security/UserToken/Kerberos}}
 
'''Description'''
 
'''Description'''
<br>Enable user access by means of Kerberos ticket.
+
<br>Enable user authentication by means of Kerberos tickets.
  
 
'''Usage Considerations'''
 
'''Usage Considerations'''
 
* Requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.
 
* Requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.
 
* Kerberos protocol messages are protected against eavesdropping and replay attacks.
 
* Kerberos protocol messages are protected against eavesdropping and replay attacks.
* Kerberos is the default authentication method for Windows.
+
* Kerberos is the default authentication method for Windows and also available on most Linux platforms.
  
{{uaConformance|TBD <!-- Client -->|
+
{{uaConformance|
TBD <!-- Server -->
+
[http://opcfoundation.org/UA-Profile/Security/UserToken-Server/Kerberos '''Use of Kerberos tickets to authenticate a user''']
<!-- Example
+
|
* [http://opcfoundation.org/UA-Profile/Server/GlobalCertificateManagement '''Global Certificate Management Server Profile''']
+
[http://opcfoundation.org/UA-Profile/Security/UserToken-Client/Kerberos '''Use of Kerberos tickets to identify the Client user''']
* [http://opcfoundation.org/UA-Profile/Client/GlobalCertificateManagement '''Global Certificate Management Client Profile''']
+
-->
+
 
}}
 
}}

Revision as of 12:51, 10 February 2015

URN:          https://opcfoundation.org/wiki/index.php/Security/UserToken/Kerberos

Description
Enable user authentication by means of Kerberos tickets.

Usage Considerations

  • Requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.
  • Kerberos protocol messages are protected against eavesdropping and replay attacks.
  • Kerberos is the default authentication method for Windows and also available on most Linux platforms.

Conformance Testing

Client Server

Use of Kerberos tickets to authenticate a user

Use of Kerberos tickets to identify the Client user