We might really want to include a token exchange (or transition) use case where Kerberos service tickets (ST) get involved. As an example, a workload provides a Kerberos ST to an AS using the typical approach "Authorization: Negotiate ****" for that. Then, an AS issues an OAuth Bearer (or any other token) if this AS:
- successfully validates the provided Kerberos ST, and
- allows this sort of operation for a caller.
There are lots of Orgs completely or partially in a Windows shop, and they want their apps to talk to apps that use OAuth and so forth with a minimal set of changes (leveraging and leaving unchanged what MS Windows AD provides to their legacy apps).
There is a need for this use case in the way I see it, despite the fact that Kerberos is a 30-year-old protocol.