Chapter 5. Secure authentication with Kerberos
This chapter covers
- Alternatives to password-based authentication
- Kerberos and Java GSS API
- WS-Security with Kerberos
In the previous chapter, we showed you how to claim your identity using passwords. We discussed two schemes: one that requires you to submit your password in clear text and another that helps you guard your password from snoopers—people who intend to steal it while it is on the wire. Both schemes required you to first register a username and password with your service providers. Like most users, you probably reuse the same username and password when registering with several services. This makes you susceptible to repurposing attacks. Administrators of a service you are registered ...