RFR 6722928: Support SSPI as a native GSS-API provider
Nico Williams
Nico.Williams at twosigma.com
Mon Mar 25 21:22:48 UTC 2019
On Mon, Mar 25, 2019 at 07:45:07PM +0000, Bernd Eckenfels wrote:
> Just to add another aspect to the discussion, there are at least 3 DLLs out
> there which implement this functionality (Microsoft’s JDBC driver, jTDS
> driver and Waffle) + commercial solutions as we have heared. All of them are
> used to allow authenticating the current user against services (mostly TDS
> (SQL Server), SMB and http.
>
> So having a GSS provider, even when it is not used by default would hugely
> benefit a lot of projects (especially if it does not require JAAS wrapping
> and will support Windows 10 with Credential Guard for NTLM and Kerberos)
Good point.
Oh, and BTW, Windows too has acquireCredential extensions not unlike
gss_acquire_cred_from().
More information about the security-dev
mailing list