wpa_supplicant Integration with Linux Domain Login
Saber Zrelli
zrelli at jaist.ac.jp
Thu Nov 20 13:52:24 EST 2008
On Fri, Nov 21, 2008 at 3:13 AM, Jouni Malinen <j at w1.fi> wrote:
> On Thu, Nov 20, 2008 at 02:40:36PM +0530, SYED ANWAR UL HASAN wrote:
>
>> I want to use wpa_supplicant to use Linux Domain Login Credentials instead of mentioning in the conf file about the identity of user i.e user at somedomain and also specifying his password.
>>
>> My Linux User Domain Authentication is done using Active Directory Kerberos with PAM UNIX configuration and I want wpa_supplicant to read the Login Identity so that a Single Sign On Solution can be possible with 802.1X for Linux Supplicants .
>
>
> There is currently no support for doing that in the wpa_supplicant. Or
> well, I would assume it would be possible to write an external program
> to do that and use it with wpa_supplicant, but anyway, this is not
> included as an integrated part of wpa_supplicant.
>
> Would you happen to know whether there is a supported PAM API for
> receiving the username and cleartext password for the currently logged
> in user? Any pointers to documentation for such an API?
If we are talking about Kerberos SSO. The user password is not stored
in the system.
The only credentials that can be used are the Kerberos tickets.
SYED ANWAR UL HASAN : There is this project that might interest you
(http://kernac.codealias.info)
I can provide binaries for your system and assist with deployment if
needed (contact me off-line for that).
regards,
saber.
>
> --
> Jouni Malinen PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
More information about the HostAP
mailing list