Managing Multiple Realms
Considering a Trust RelationshipConsidering a Trust RelationshipYou can establish a multiple realm environment within your enterprise. Regardless of the reason, if principals in one realm need access to secured services supported in a different realm, you must establish a trust relationship between the realms.
When two distinct realms share secret keys, the two realms are said to trust each another. With that trust in place, principals can securely access services in their native realm as well as those in the trusted foreign realm.
Interrealm authentication begins with relying on a secure authentication between users and the security server in a single realm. The shared interrealm key between trusted servers provides the extra link to create a chain of trust that allows a principal in one realm to authenticate to a service in a trusted foreign realm. To establish a trust relationship, administrators for both realms must have a agreement.
You can configure your Kerberos servers for interrealm authentication based on
In interrealm authentication,
In simple terms, if Harry trusts Sally with his secrets, but Sally does not trust Harry with her secrets, Harry and Sally have a
In interrealm authentication,
In simpler terms, if Harry trusts Sally with his secrets, and Sally trusts Harry with her secrets, Harry and Sally have a
Chapter 10 | 277 |