![]() However, in some legacy environments, customers will still have no other option but to go with good old LDAP server, where identities are checked against Active Directory LDAP or any other LDAP server (OpenLDAP perhaps). Inside corporate networks, Kerberos is still a valid (and secure) option, plus it’s possible to expose it to external (public) clients by using Kerberos Constrained Delegation (KCD) protocol transition. Modern authentication scenarios for web access usually include federated identities with claims-based authentication (SAML, Oauth2, etc), which is rapidly becoming a de-facto standard, especially with rapid growth of BYOD devices on client side and SaaS apps on the server side.
0 Comments
Leave a Reply. |