0

Using MIT gss-api libraries, I've written a C program which gets as an input the full Negotiate token and performs the kerberos authentication (using keytab on the server side). The program successfully calls gss_acquire_cred and then gss_accept_sec_context and I'm able to create the context and get back the client token.

Now, how can I get the client principal name / user name? I thought that maybe calling krb5_build_principal is the right way but I don't see how to get all the input parameters for this function

nambar
  • 573
  • 1
  • 5
  • 17

1 Answers1

0

As you as you have a context handle on the acceptor side, you can callgss_inquire_context to inquire for the src_name who initiated (your client) the context or you request gss_accept_sec_context directly to return that value. Sample code available on request.

Michael-O
  • 18,123
  • 6
  • 55
  • 121