On Wed, 6 Dec 2006 14:58:43 -0500
Dennis Putnam <[EMAIL PROTECTED]> wrote:
> I am writing a perl script that uses the Authen:Krb5 module. The
> script is simply trying to obtain an initial ticket. The problem
> arises when I try to run the script from a PHP page. The script fails
> with the
I have installed kfw 3.1.0 (on Vista Enterprise). I cannot get k524init
application to work. It complains about missing krb4_32.dll library. I did not
see anything in the release notes stating that 524 conversion is not supported
anymore. How can I resolve this?
Thanks,
Beata Pruski
Obviously, rule out that you have permissions to write to wherever
this perl mod wants to put it's tickets... but... another possibility
is that this is similar to the problem I ran into when I was trying
to use Kerberos from within a system service not associated with a
login.
Apple uses
I am writing a perl script that uses the Authen:Krb5 module. The
script is simply trying to obtain an initial ticket. The problem
arises when I try to run the script from a PHP page. The script fails
with the call that initializes the ccache ($cc->initialize
($pclient)). The error, according
On Wed, 6 Dec 2006 13:33:20 -0300
"Diego Lima" <[EMAIL PROTECTED]> wrote:
> On Wed, 6 Dec 2006 16:22:27 -, Tim Alsop wrote
> > What URL are you using when you request access to the web site ?
>
> I can reach the website through its IP address or its DNS name (estagiario6).
> So I can access
On Wed, 6 Dec 2006 18:49:53 +0100, Achim Grolms wrote
> > network.auth.use-sspi true
>
> if true this means Firefox uses the Win32-API (calles SSPI).
> Set this to false to use a 3rd party GSSAPI.
Whenever I set this to false my browser stops trying to negotiate (it simply
w
On Wednesday 06 December 2006 18:29, Diego Lima wrote:
> network.auth.use-sspi true
if true this means Firefox uses the Win32-API (calles SSPI).
Set this to false to use a 3rd party GSSAPI.
(automatically switches network.negotiate-auth.using-native-gsslib
to 'true', this wo
> Firefox can be configured to use Windows builtin "GSSAPI"
> (the correct name is "SSPI") or a third party GSSAPI implementation
> like KfW. use about:config
> dialog to choose the implementation you want to use.
I`ve been trying to do that for a while now. Here are my about:config settings
relat
On Wednesday 06 December 2006 17:33, Diego Lima wrote:
> [Mon Nov 06 14:16:11 2006] [error] [client 192.168.130.224]
> gss_accept_sec_context() failed: A token was invalid (Token header is
> malformed or corrupt)
Client sends NTLM instead of Kerberos5.
> I have also taken a look and noticed that
On Wednesday 06 December 2006 15:15, Diego Lima wrote:
> On Tue, 5 Dec 2006 19:41:23 -, Tim Alsop wrote
>
> > It is not possible to configure IE to use anything other than LSA
> > for getting credentials, however Firefox can be configure to use a
> > GSS-API library
> Am I missing something?
On Wed, 6 Dec 2006 16:22:27 -, Tim Alsop wrote
> What URL are you using when you request access to the web site ?
I can reach the website through its IP address or its DNS name (estagiario6).
So I can access both using http://192.168.130.222 or http://estagiario6. I
don't think it's a server
Diego,
What URL are you using when you request access to the web site ? E.g. if you
enter http://server.domain.com, the browser will request a service ticket
called HTTP/server.domain.com@. Perhaps you can check if the
cache on workstation contains this ticket after you attempt to logon ?
Than
On Tue, 5 Dec 2006 19:41:23 -, Tim Alsop wrote
> It is not possible to configure IE to use anything other than LSA
> for getting credentials, however Firefox can be configure to use a
> GSS-API library
Thank you for your tip, I was able to find some documents regarding
configuring firefox b
>No. The protocol carries information about when the password is due to
>expire; it's up to the client to decide what to do with this data (of
>course, if the password is expired, the KDC will return an error).
>
>There are two ways in which password expiration data can be carried in the
>Kerbe
I think I could do the same with MIT kfw, but I would prefer to do it
without installing additional software.
Thanks
Markus
"Tim Alsop" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Markus,
>
> The Open Client uses GSS-API, and when used with the CyberSafe
> TrustBroker Applicat
15 matches
Mail list logo