rissson
commented
1 year ago I want to work on this.
Open rissson opened 1 year ago
rissson
commented
1 year ago I want to work on this.
Mareo
commented
1 year ago I want to work on this.
rqi14
commented
11 months ago Hi. Is this going to be implemented in the near future?
rissson
commented
11 months ago @Mareo and I definitely plan to continue working on this. We have some stuff going currently but we will pick this up at some point.
rqi14
commented
11 months ago @Mareo and I definitely plan to continue working on this. We have some stuff going currently but we will pick this up at some point.
Sounds great! It will be very helpful if this feature comes true. Thank you both very much
alteredtech
commented
1 month ago Just checking to see if there was an update on this? Looking at the PR draft, there hasnt been a commit in a year. Is this on the roadmap at all?
Describe the idea
Implement a Kerberos provider. authentik would act as a KDC, allowing users to get keytabs for services.
I've already laid out some ground work at https://github.com/rissson/authentik/tree/kerberos-as-proxy, but that's very much a WIP.
The idea behind that implementation is that authentik would receive KDCProxy requests at
/application/k/my_app/proxy/, decode them and process the request from there. Technically, it could be implemented as an outpost, but I don't want to do that as we need to make some database access (as the user's keytab is retrieved multiple times during authentication), and because I don't want to write Go for fun.If you want to help working on this idea or want to contribute in any other way, react to this issue with a :rocket: