directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zheng, Kai" <kai.zh...@intel.com>
Subject RE: [ApacheDS] File credentials cache for Kerberos
Date Mon, 19 Aug 2013 13:55:43 GMT
Hi Kiran,

Thanks for your help. I understand that KdcConnection->getTgt() can be called to request
a TGT ticket with specified principal and password. My question is how to store the result
TGT ticket in File Credential Cache (FCC) like kinit does. I would clarify that it's not to
store the password of a principal to a file as keytab does. Thanks.

Regards,
Kai

From: ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] On Behalf Of Kiran Ayyagari
Sent: Monday, August 19, 2013 6:10 PM
To: Apache Directory Developers List
Subject: Re: [ApacheDS] File credentials cache for Kerberos

ApacheDS comes with a kerberos client see[1] and you can make use of Keytab class[2]
to write TGTs to a file.
HTH

[1] http://svn.apache.org/repos/asf/directory/apacheds/trunk/kerberos-client
[2] http://svn.apache.org/repos/asf/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/keytab/

On Mon, Aug 19, 2013 at 2:52 PM, Zheng, Kai <kai.zheng@intel.com<mailto:kai.zheng@intel.com>>
wrote:
Hi all,

I'm new to ApacheDS, and know that it provides a KDC, which is very useful for Kerberos related
automation tests. I'm looking for some feature or codes to cache TGT in file in compatible
format with krb5 FCC . The cached TGT as credentials can be loaded from the file cache by
other tools or libraries like Krb5LoginModule (a JAAS module bundled in JRE) and then used
to do login or whatever. After some investigation, I realized it may need development effort.
Before I dive into this, could you please confirm I'm not missing something? I'm wondering
if ApacheDS would come up kinit like tools for itself, if so then credentials cache for TGT
would be a good starting, and I'd like to contribute when get more inputs.

Thanks & regards,
Kai



--
Kiran Ayyagari
http://keydap.com

Mime
View raw message