Apache Kerby 1.0.0-RC1 released posted on September 16th, 2015
The Apache Directory team is pleased to announce the release of Apache Kerby 1.0.0-RC1, the first release candidate towards a 1.0 version.
Downloads are available here
Apache Kerby 1.0.0-RC1 Release Note¶
In this release 236 JIRA issues were resolved and the following features are supported:
- KDC server
- Credential cache and keytab utilities
Standalone KDC server .
Support for various identity backends:
- Mavibot(MVCC BTree)
Embedded KDC server allows easy integration into products for unit tests or production deployment.
FAST/Preauthentication framework to allow popular and useful authentication mechanisms.
Token Preauth mechanism to allow clients to request tickets using JWT tokens.
Client can request a TGT with:
- User plain password credential
- User keyTab
- User token credential
Client can request a service ticket with:
- user TGT credential for a server
- user AccessToken credential for a server
Network support including UDP and TCP transport with two implementations:
- Default implementation based on the JRE without depending on other libraries.
- Netty based implementation for better throughput, lower latency.
- kdcinit: Initialize and prepare KDC, like choose storage type, setting up necessary principals (tgs, kadmin) etc.
- kadmin: Command-line interfaces to administration system.
- kinit: Obtains and caches an initial ticket-granting ticket for principal.
- klist: Lists the Kerby principal and tickets held in a credentials cache, or the keys held in a keytab file.
Support for JAAS, GSSAPI and SASL frameworks that applications can leverage the authentication mechanisms provided by Kerby.
Building support: checking style and find bugs.