WebAuth 3.6.0

I actually released this last Saturday, but I've not been in the mood to make journal entries lately. This release incorporates the work for Stanford's guest accounts project, mostly done by Dmitri Priimak, as well as adding support for credential delegation to the WebLogin server and fixing a memory allocation bug in mod_webauth found by Ian Ward Comfort.

With this release, WebAuth has all the configuration parameters necessary to deal with cross-realm Kerberos authentication in a sane fashion. One can prevent cross-realm principals from authenticating as valid-user and use a wider variety of options for canonicalizing the authenticated identity.

You can get the latest release from the WebAuth distribution page.

Posted: 2008-03-25 23:12 — Why no comments?

Last spun 2013-07-01 from thread modified 2013-01-04