directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Kerberos progress
Date Sat, 04 Dec 2010 03:45:28 GMT
Hi guys,

still cleaning the place, but we definitively make progress. Yesterday, 
Kiran and I removed many of the old data structures to replace them with 
the new ones, adjusting them when needed.

So far, the first exchange from a client to the server is working back :
AS-REQ --> server --> KRB-ERROR (requesting for PaAuth). That means the 
message sent by the client has been fully decoded, and the error sent 
back (a functional and expected error) has been encoded and sent.

We have now to continue to fix the next exchanged messages, but I think 
we can move fast. Remember that we are still in a branch, so don't 
worry, we aren't breaking the trunk.

One issue we have is that we use PrincipalName when the current 
implementation is using a KerberosPrincipal all over the code (the 
difference is that the KerberosPrincipal contains the realm). We have to 
fix that.

I hope we can have most of the code fixed in a few days now, as it's 
going faster than expected (way faster than writing all the 

Stay tuned !

Emmanuel L├ęcharny

View raw message