directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <ayyagariki...@gmail.com>
Subject Fwd: [ApacheDS] File credentials cache for Kerberos
Date Mon, 19 Aug 2013 18:36:34 GMT
---------- Forwarded message ----------
From: Kiran Ayyagari <ayyagarikiran@gmail.com>
Date: Tue, Aug 20, 2013 at 12:06 AM
Subject: Re: [ApacheDS] File credentials cache for Kerberos
To: "Zheng, Kai" <kai.zheng@intel.com>





On Mon, Aug 19, 2013 at 7:25 PM, Zheng, Kai <kai.zheng@intel.com> wrote:

>  Hi Kiran,****
>
> ** **
>
> Thanks for your help. I understand that KdcConnection->getTgt() can be
> called to request a TGT ticket with specified principal and password. My
> question is how to store the result TGT ticket in File Credential Cache
> (FCC) like kinit does. I would clarify that it’s not to store the password
> of a principal to a file as keytab does. Thanks. ****
>
> **
>
ahh, I see, I just thought you want to store some data in a keytab.
currently there is no support for FCC creation, if you would like to
work on it here[1] is the format

[1]
https://www.gnu.org/software/shishi/manual/html_node/The-Credential-Cache-Binary-File-Format.html

> **
>
> Regards,****
>
> Kai****
>
> ** **
>
> *From:* ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] *On
> Behalf Of *Kiran Ayyagari
> *Sent:* Monday, August 19, 2013 6:10 PM
> *To:* Apache Directory Developers List
> *Subject:* Re: [ApacheDS] File credentials cache for Kerberos****
>
> ** **
>
> ApacheDS comes with a kerberos client see[1] and you can make use of
> Keytab class[2]****
>
> to write TGTs to a file.****
>
> HTH****
>
>
> [1]
> http://svn.apache.org/repos/asf/directory/apacheds/trunk/kerberos-client
> [2]
> http://svn.apache.org/repos/asf/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/keytab/
> ****
>
> ** **
>
> On Mon, Aug 19, 2013 at 2:52 PM, Zheng, Kai <kai.zheng@intel.com> wrote:**
> **
>
> Hi all,****
>
>  ****
>
> I’m new to ApacheDS, and know that it provides a KDC, which is very useful
> for Kerberos related automation tests. I’m looking for some feature or
> codes to cache TGT in file in compatible format with krb5 FCC . The cached
> TGT as credentials can be loaded from the file cache by other tools or
> libraries like Krb5LoginModule (a JAAS module bundled in JRE) and then used
> to do login or whatever. After some investigation, I realized it may need
> development effort. Before I dive into this, could you please confirm I’m
> not missing something? I’m wondering if ApacheDS would come up kinit like
> tools for itself, if so then credentials cache for TGT would be a good
> starting, and I’d like to contribute when get more inputs.****
>
>  ****
>
> Thanks & regards,****
>
> Kai ****
>
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com ****
>



-- 
Kiran Ayyagari
http://keydap.com



-- 
Kiran Ayyagari
http://keydap.com

Mime
View raw message