>> A long time ago we had developed a small Kerberos proxy that forwarded >> on Kerberos messages by prepending the source IP address/port to the >> UDP message (our KDC at the time was modified to recognize this and >> sent the prepended bytes back to the proxy so it could send it to the >> correct originator). > >OK, did you had to support iOS and macOS endpoint on that context? >(we are looking for Kerberos support for them, to use with Apple SSO >Kerberos features)
This WAY predated iOS! (the proxy was for the Kerberos 4 protocol) But I can say with certainty that the MacOS X Kerberos libraries (based on Heimdal) will default to UDP in many cases. And on MacOS X you can run into a case where you might be using a different Kerberos implementation than the operating system libraries. --Ken ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos