Overview#
Generic Security Service Application Program Interface (GSSAPI or GSS-API) is an application programming interface for programs to access security services.The GSSAPI is an IETF standard that addresses the problem of many similar but incompatible security services in use today.
The GSSAPI SASL Mechanisms provides a way for clients to authentication including using a Kerberos V5 session.
The Generic Security Service Application Program Interface is described in the following RFCs:
- RFC 2078 Generic Security Service Application Program Interface, Version 2
- RFC 2743 The Generic Security Service Application Program Interface Version 2, Update 1.
- RFC 2744 The Generic Security Service Application Program Interface Version 2 : C-bindings
- RFC 1964 The Kerberos Version 5 GSS-API Mechanism
- RFC 4121 The Kerberos Version 5 Generic Security Service Application Program Interface (GSS-API) Mechanism: Version 2
- RFC 4178 The Simple and Protected GSS-API Negotiation Mechanism (SPNEGO)
- RFC 2025 The Simple Public-Key GSS-API Mechanism (SPKM)
- RFC 2847 - LIPKEY - A Low Infrastructure Public Key Mechanism Using SPKM
RFC 4752, and a description of the exchange between the client and the server (as well as with the Kerberos KDC).
Relationship to Kerberos[1]#
The dominant GSSAPI mechanism implementation in use is Kerberos.Unlike the GSSAPI, the Kerberos API has not been standardized and various existing implementations may use incompatible APIs. The GSSAPI allows Kerberos implementations to be API compatible.
Microsoft Active Directory#
Microsoft Active Directory supports Generic Security Service Application Program Interface through the Security Support Provider Interface which uses several Security Support ProvidersEDirectory#
Configuring GSSAPI With EdirectoryMore Information#
There might be more information for this subject on one of the following:- A Low Infrastructure Public Key Mechanism Using SPKM
- Channel Binding
- Cross-platform Authentication
- GS2 Mechanism Family
- GSSAPI
- Generic Security Service Application Program Interface
- Public Key Cryptography Based User-to-User
- RFC 2078
- RFC 2743
- RFC 2744
- Security Support Provider Interface
- The Simple Public-Key GSS-API Mechanism
- [#1] - http://en.wikipedia.org/wiki/Generic_Security_Services_Application_Program_Interface
- based on 2013-04-10
Please see our Copyright And Intellectual Property Page and Standard Disclaimer Pages!