Kerberos/Android

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Kerberos/Android

Pascal Jakobi
Hi there

Our dev team is currently trying to kerberize some client software running
on an Android phone (client side, the server runs on CentOS).

The issue is that, as far as we could see, Android does not ship any client
software.

If this is supposed to be, which software should we pick ? We grabbed stuff
on GitHub that seems at least partially functional, but we are unsure of
its quality....

So can someone on this list give us advice ?

Thanks

--
*Pascal Jakobi*
[hidden email]
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: Kerberos/Android

Rick van Rein (OpenFortress)
Hey,

> Our dev team is currently trying to kerberize some client software running
> on an Android phone (client side, the server runs on CentOS).

Interesting, would you care to tell some more?  Open or closed software?

> So can someone on this list give us advice ?

Any such advice could not exceed the accuracy of your "grabbed stuff on GitHub"
reference I fear :)

-Rick
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: Kerberos/Android

Pascal Jakobi
Unfortunately this is (very) closed s/w - military...
Thanks for the information.
P

2017-05-09 14:19 GMT+02:00 Rick van Rein <[hidden email]>:

> Hey,
>
> > Our dev team is currently trying to kerberize some client software
> running
> > on an Android phone (client side, the server runs on CentOS).
>
> Interesting, would you care to tell some more?  Open or closed software?
>
> > So can someone on this list give us advice ?
>
> Any such advice could not exceed the accuracy of your "grabbed stuff on
> GitHub"
> reference I fear :)
>
> -Rick
>



--
*Pascal Jakobi*
116 rue de Stalingrad
93100 Montreuil, France

*+33 6 87 47 58 19*[hidden email]
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: Kerberos/Android

Benjamin Kaduk-2
In reply to this post by Rick van Rein (OpenFortress)
On Tue, May 09, 2017 at 02:19:04PM +0200, Rick van Rein wrote:

> Hey,
>
> > Our dev team is currently trying to kerberize some client software running
> > on an Android phone (client side, the server runs on CentOS).
>
> Interesting, would you care to tell some more?  Open or closed software?
>
> > So can someone on this list give us advice ?
>
> Any such advice could not exceed the accuracy of your "grabbed stuff on GitHub"
> reference I fear :)

I can offer slightly better, namely that when I was on staff at MIT,
we hired a contractor to port MIT krb5 to android, which resulted in
https://github.com/cconlon/kerberos-java-gssapi and
https://github.com/cconlon/kerberos-android-ndk .  I didn't get a
chance to try them out and review them, myself, but it is somewhat
more reputable than "random stuff on github" would otherwise need to
be considered.  I do know of a couple of projects of varying
seriousness that built off of those.

-Ben
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: Kerberos/Android

Derek Atkins-2
Hi,

Benjamin Kaduk <[hidden email]> writes:

> On Tue, May 09, 2017 at 02:19:04PM +0200, Rick van Rein wrote:
>> Hey,
>>
>> > Our dev team is currently trying to kerberize some client software running
>> > on an Android phone (client side, the server runs on CentOS).
>>
>> Interesting, would you care to tell some more?  Open or closed software?
>>
>> > So can someone on this list give us advice ?
>>
>> Any such advice could not exceed the accuracy of your "grabbed stuff
>> on GitHub"
>> reference I fear :)
>
> I can offer slightly better, namely that when I was on staff at MIT,
> we hired a contractor to port MIT krb5 to android, which resulted in
> https://github.com/cconlon/kerberos-java-gssapi and
> https://github.com/cconlon/kerberos-android-ndk .  I didn't get a
> chance to try them out and review them, myself, but it is somewhat
> more reputable than "random stuff on github" would otherwise need to
> be considered.  I do know of a couple of projects of varying
> seriousness that built off of those.

Just to add a bit to this... in my previous job we took this code and
incorporated it into some Android products.  I do believe we had to make
some additional changes, but it's been ~3-4 years so the memory is a
little fuzzy.  At the time we were using it in our own products and not
providing it as an SDK.  IIRC we hooked into Chromium and added HTTP
GSSAPI authentication.

I haven't looked at it in over 3 years so I don't have any more recent
information.

> -Ben

-derek
--
       Derek Atkins                 617-623-3745
       [hidden email]             www.ihtfp.com
       Computer and Internet Security Consultant
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

Re: Kerberos/Android

Tina Harriott
In reply to this post by Pascal Jakobi
On 9 May 2017 at 23:26, Pascal Jakobi <[hidden email]> wrote:
> Unfortunately this is (very) closed s/w - military...

Mind posting purpose, target, reference id of related secret military
documents, all the passwords and your credit card number?

Tina

> Thanks for the information.
> P
>
> 2017-05-09 14:19 GMT+02:00 Rick van Rein <[hidden email]>:
>
>> Hey,
>>
>> > Our dev team is currently trying to kerberize some client software
>> running
>> > on an Android phone (client side, the server runs on CentOS).
>>
>> Interesting, would you care to tell some more?  Open or closed software?
>>
>> > So can someone on this list give us advice ?
>>
>> Any such advice could not exceed the accuracy of your "grabbed stuff on
>> GitHub"
>> reference I fear :)
>>
>> -Rick
>>
>
>
>
> --
> *Pascal Jakobi*
> 116 rue de Stalingrad
> 93100 Montreuil, France
>
> *+33 6 87 47 58 19*[hidden email]
> _______________________________________________
> krbdev mailing list             [hidden email]
> https://mailman.mit.edu/mailman/listinfo/krbdev



--
Tina Harriott  - Women in Mathematics
Contact: [hidden email]
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev