问题
The picture bellow shows the architecture that I need to deploy, and it explains my problem.
I already designed a sub system that contains a set of applications (web services, web applications) deployed in apache tomcat. To provide the SSO functionality to my sub-system I used the WSO2 Identity Server with SAML2.0 to authenticate users and get access to all sub-system applications.
This sub system is destined to be integrated into enterprises environment and work together with enterprise components. Now I need that enterprise users get access to my applications (of sub-system) there is two cases:
Connect WSO2 Identity Server to the enterprise LDAP, the WSO2 IS authenticate users by requesting the enterprise LDAP. This is not recommended.
Make WSO2 IS to work with the enterprise authentication server (Kerberos, Radius, CAS, etc.), the WSO2 :Brokred Authentication.
How to authenticate automatically to wso2 IS with a Kerberos. ticket obtained from kerberos authentication (or Radius) ?
回答1:
In fact - Kerberos is directly supported by WSO2 IS (http://wso2.com/library/articles/2012/07/kerberos-authentication-using-wso2-products/ or search the web)
We achieved the RADIUS support by implementing custom Authenticator interface ( search the web for it, there are many examples, it helps if you understand OSGi architecture) and TinyRadius library (http://tinyradius.sourceforge.net/)
Have fun
G.
来源:https://stackoverflow.com/questions/31306243/wso2-is-login-with-radius-kerberos