LDAP-297: Kerberos support for ContextSource

[spring-projects-issues]

Migrated from LDAP-297

[spring-projects-issues]

Michael Osipov said:

I have a custom implementation working for years. Anyone interested?

[spring-projects-issues]

Rob Winch said:

Thanks! We would love to get a Pull Request and include it in the distribution!

[spring-projects-issues]

Michael Osipov said:

Yay, did not notice your response. I need to upgrade the code to Spring LDAP 2.0 and will make this avaiable after that.

[spring-projects-issues]

Rob Winch said:

Since I commented, you might find what you need in Spring Security Kerberos http://docs.spring.io/spring-security-kerberos/docs/1.0.0.RC2/reference/htmlsingle/#ssk-kerberosldap

[spring-projects-issues]

Michael Osipov said:

Thanks Rob, I quickly scanned the example and this is something I won't be using because it does not separate interface from implementation:

1. This is tied to Oracle VM
2. You have to writer another class for another VM vendor
3. You are going to duplicate all of Krb5LoginModules parameters.
4. You always require a keytab which is not always the case.

A cleaner approach is always to use a login entry name and provide the login.conf file. VM and config agonistic. This is what I use in an adapted fashion for Spring LDAP.