I'm trying to do SASL auth betweeen a windows C++ client and a java server. On the client side I'm doing:
AcquireCredentialsHandle(NULL, "Kerberos", SECPKG_CRED_OUTBOUND, NULL,
&credentials, NULL, NULL, &hCred, &tsExpiry);
scRet = InitializeSecurityContext(&hCred, NULL, targetName,
ISC_REQ_ALLOCATE_MEMORY, 0,
SECURITY_NATIVE_DREP, NULL, 0,
hContext, &OutBuffer,
&dwSSPIOutFlags, &tsExpiry);
with:
credentials = ("myuser","mypassword", "MYDOMAIN.ORG")
targetName = "myservice/node0"
the domain has no relation with the windows client domain.
The result I got at the moment is:
scRet = SEC_E_NO_AUTHENTICATING_AUTHORITY
I know that the kerberos implementation for InitializeSecurityContext should contact the ApacheDS kdc and ask for a ticket, so I think that the first problem to solve here is: how the inizialize function can discover hostname and port of the kdc server (which are localhost:6088 by the way)?
I tried using ksetup:
ksetup /AddKdc MYDOMAIN.ORG localhost:6088
but with no luck.
