Overview#

Generic Security Service Application Program Interface (GSSAPI or GSS-API) is an application programming interface for programs to access security services.

The GSSAPI is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

The GSSAPI SASL Mechanisms provides a way for clients to authentication including using a Kerberos V5 session.

The Generic Security Service Application Program Interface is described in the following RFCs:

RFC 4752, and a description of the exchange between the client and the server (as well as with the Kerberos KDC).

Relationship to Kerberos[1]#

The dominant GSSAPI mechanism implementation in use is Kerberos.

Unlike the GSSAPI, the Kerberos API has not been standardized and various existing implementations may use incompatible APIs. The GSSAPI allows Kerberos implementations to be API compatible.

Microsoft Active Directory#

Microsoft Active Directory supports Generic Security Service Application Program Interface through the Security Support Provider Interface which uses several Security Support Providers

EDirectory#

Configuring GSSAPI With Edirectory

More Information#

There might be more information for this subject on one of the following:

This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop