Has anyone encountered an issue compiling Kerberos 1.2.5 on a Tru64 {5.0 or
5.1) box using Compaq's C compiler? Any pointers would be welcome.
Thanks - Peter
(Error message below)
-=-
making all in util/pty...
if cmp /tmp/krb5/dist/src/util/pty/libpty.h ../../include/libpty.h
>/dev/null 2>&
> "ajk" == Andrew J Korty <[EMAIL PROTECTED]> writes:
ajk> What might cause an MIT krb5kdc process to dump files in /var/tmp
ajk> about 20k in size every 40 minutes or so? The filenames begin
ajk> with "krb5_RC" (so I assume they have to do with the replay
ajk> cache), followed by the krb5kd
What might cause an MIT krb5kdc process to dump files in /var/tmp
about 20k in size every 40 minutes or so? The filenames begin with
"krb5_RC" (so I assume they have to do with the replay cache), followed
by the krb5kdc process id, followed by a three-letter uniquifier.
The files persist across
So one should not expect KDC output when running "gsscred -a"?
[EMAIL PROTECTED] wrote in message
news:<[EMAIL PROTECTED]>...
> The gsscred command makes GSS/Kerberos names out of usernames.
> That's all it does.
>
> So what could there be for the KDC to do for gsscred? Principal
> name validat
On Mon, Jul 08, 2002 at 03:20:36PM -0400, Ken Hornstein wrote:
> I believe Sam Hartman already pointed out that generating a new network
> protocol to communicate with the KDC is a Really Bad Idea. In general,
> that part of Kerberos is supposed to be invisible to you. You could
> do that (I bel
>I am interested in building a system (similar to Microsoft's .Net My
>Services) that is a family of web services that clients authenticate
>against using Kerberos. The idea is to have clients hit the KDC via
>SOAP calls over SSL and get the ticket. Then they ask the KDC for a
>ticket to communica
[EMAIL PROTECTED] (jeremy redburn) writes:
[...]
> But this doesn't seem to fit into the idea of how Kerberos
> authentication works. Is anyone doing Kerberos authentication via SOAP
> calls? What do people recommend for an authentication mechanism for a
> family of web services?
Try the follow
I am not working on Kerberos authentication via SOAP, but it is my understanding that
IBM's and Microsoft's WS-Security adds XML Signature and XML Encryption to SOAP and
that authentication is implicit in each message, and that you will need to explicitly
send KRB_AP_REQ and KRB_AP_REP message
A little trouble understanding kerberos GSS-API.
My KDC is Windows 2k
host1 is solaris 7
host2 is NT 4 with leash32 2.1.1.1
On my 2k KDC I defined the following principals.
ktpass -princ [EMAIL PROTECTED] -mapuser user1 -pass
password -out 1.keytab
ktpass -princ [EMAIL PROTECTED] -mapuser us
I am interested in building a system (similar to Microsoft's .Net My
Services) that is a family of web services that clients authenticate
against using Kerberos. The idea is to have clients hit the KDC via
SOAP calls over SSL and get the ticket. Then they ask the KDC for a
ticket to communicate wi
The gsscred command makes GSS/Kerberos names out of usernames.
That's all it does.
So what could there be for the KDC to do for gsscred? Principal
name validation? A principal name might be valid one moment,
and later not (e.g., a user might be fired/layed off or quit
soon after you create a gss
11 matches
Mail list logo