mech_spnego man page on OpenIndiana

Man page or keyword search:  
man Server   20441 pages
apropos Keyword Search (all sections)
Output format
OpenIndiana logo
[printable version]

mech_spnego(5)	      Standards, Environments, and Macros	mech_spnego(5)

NAME
       mech_spnego - Simple and Protected GSS-API Negotiation Mechanism

SYNOPSIS
       /usr/lib/gss/mech_spnego.so.1

DESCRIPTION
       The  SPNEGO  security mechanism for GSS-API allows GSS-API applications
       to negotiate the actual security mechanism to be used  in  the  GSS-API
       session. mech_spnego.so.1 is a shared object module that is dynamically
       opened by applications that specify the SPNEGO Object Identifier	 (OID)
       in calls to the GSS-API functions (see libgss(3LIB)).

       SPNEGO  is  described  by  IETF	RFC 2478 and is intended to be used in
       environments where multiple GSS-API mechanisms  are  available  to  the
       client  or  server and neither side knows what mechanisms are supported
       by the other.

       When SPNEGO is used, it selects the list of mechanisms to advertise  by
       reading	the  GSS  mechanism  configuration  file,  /etc/gss/mech  (see
       mech(4)), and by listing all active mechanisms except for itself.

OPTIONS
       SPNEGO may be configured to function in two ways. The first way	is  to
       interoperate  with  Microsoft SSPI clients and servers that use the Mi‐
       crosoft "Negotiate" method, which is also based on SPNEGO.  The	Micro‐
       soft  "Negotiate"  mechanism  does  not	strictly  follow the IETF RFC.
       Therefore, use special handling in order to enable full	interoperabil‐
       ity.  In order to interoperate, place option "[ msinterop ]" at the end
       of the SPNEGO line in /etc/gss/mech.

       This is an example (from /etc/gss/mech):

	 spnego	   1.3.6.1.5.5.2  mech_spnego.so [ msinterop ]

       Without the "[ msinterop ]" option, mech_spnego will follow the	strict
       IETF  RFC 2478 specification and will not be able to negotiate with Mi‐
       crosoft applications that try to use the SSPI "Negotiate" mechanism.

INTERFACES
       mech_spnego.so.1 has no public interfaces. It  is  only	activated  and
       used  through  the  GSS-API  interface  provided	 by  libgss.so.1  (see
       libgss(3LIB)).

FILES
       /usr/lib/gss/mech_spnego.so.1

	   shared object file

       /usr/lib/sparcv9/gss/mech_spnego.so.1

	   SPARC 64-bit shared object file

       /usr/lib/amd64/gss/mech_spnego.so.1

	   x86 64-bit shared object file

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUWNspnego		   │
       ├─────────────────────────────┼─────────────────────────────┤
       │MT Level		     │Safe			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       Intro(3), libgss(3LIB), mech(4), attributes(5)

       Solaris Security for Developers Guide

SunOS 5.11			  4 Oct 2004			mech_spnego(5)
[top]

List of man pages available for OpenIndiana

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net