Brian Candler <[email protected]> writes:
> Kerberos is a single sign-on system. You get your TGT at the start of
> the day, and then it logs you in automatically and transparently to each
> service you visit.
> If you want the site to prompt for username/password, either initially
> or after an idle timeout, then I think it will need to do its own HTTP
> Basic authentication.
Or you can use a web authentication system based on or capable of using
Kerberos, like:
http://webauth.stanford.edu/
http://cosign.sourceforge.net/
which offer various additional features, such as this sort of idle
timeout. Kerberos by itself is not going to provide this.
--
Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
