i18n issue for kerberos error messages

Hi, I believe I can get all the kerberos error codes/messages somewhere on-line, however I'm wondering has any efforts been done for the localization of it assuming somebody might want to present the error messages in different locales. I know this might sound a bit impractical since user

encryption algorithm used by kerberos

Hi, In the kerberos authentication process, it does encryption a lot to guarantee the security. Hoever from the materials I read it seems it's using DES encryption method behind it which is not considered safe anymore, so are we going to use a more advanced algorithm or we've done that

RE: MIT Kerberos: is it Thread-Safe?

Are you sure Heimdal is thread-safe? Like a month ago I checked with them and theirs is not thread-safe either. Kent -Original Message- From: Nikola Milutinovic [mailto:[EMAIL PROTECTED] Sent: Monday, July 21, 2003 10:14 PM To: [EMAIL PROTECTED] Subject: MIT Kerberos: is it Thread-Safe?

unresolved external symbol __imp__GSS_C_NT_HOSTBASED_SERVICE forkerberos 1.3 windows version

Hi, I tried to build a sample windows program by using kerberos 1.3 win version, in this program I use gss_import_name() and it takes (gss_OID) GSS_C_NT_HOSTBASED_SERVICE as a parameter. However during the link time it always complains as subject title. I "dumpbin/exports" all the .lib

RE: GSSAPI x Kerberos

Hi Tim, Yes, I'm interested. My question is does I.E or netscape support kerberos authentication? My impression was not however my data might be outdated. Then even if the browser supports, it means the browser needs to get TGT and service ticket for proxy/web server, and the proxy/web

RE: GSSAPI x Kerberos

Is that true when IIS issues "WWW-Authenticate: Negotiate" it actually means NTLM? Supposedly after win 2000 Kerberos replaced NTLM to became the default authentication mechanism in win but I'm not sure how they integrate kerberos into HTTP traffic. And if kerberos authentication is doable, how

kerberos authentication disables LDAP operation?

Hi, I tried to use LDAP SDK to connect to AD, the odd thing is if I adopts simple authentication by using ldap_simple_bind_s() then I can search, compare, ..etc. However if I use kerberos authentication by using GSS-API and ldap_sasl_bind_s() after getting TGT, it would pass the authent

How to test if TGT has expired by using Kerberos API's?

Hi: I've written a program to get TGT then do the Kerberos authentication by using GSS-API afterwards but I also want to do it in a smarter way. What I tried to achieve is I want to check if it expires or not, if so then I issue a real TGT request otherwise I can save a trip. Or if ther

FW: memory leak in some Kerberos APIs?

Hi, can you guys help on this one or should I just file a bug then? Thx. Kent -Original Message- From: Kent Wu (RD-US) Sent: Thursday, June 05, 2003 6:12 PM To: [EMAIL PROTECTED] Subject: memory leak in some Kerberos APIs? Hi: In my Solaris 8 machine I used some MIT Kerberos

RE: how to achieve what kinit does programmatically?

Sam, thx for the info. Two questions: 1.After I downloaded the MIT Kerberos package, there is a doc folder created however I couldn't find the description for API krb5_get_init_creds_password(), did I miss something here? 2. Basically what I want to achieve is that assuming I already have user/