Stack Overflow
Stack Overflow

Questions tagged [gssapi]

GSS-API is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

Generic Security Service Application Program Interface () provides vendor-neutral authentication services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments.

Commonly-used negotiation mechanisms include and during transactions between client and server.

GSSAPI is defined in RFC 2743.

274 questions
1
vote
3 answers

How do I interact with a kerberos server from my own application

My network has a kerberos server for username/password authentication. Machines that run my application have functioning kerberos clients, so users can use kinit, etc. How do I interact with the server programatically, from my own custom…
John McAleely
  • 1,929
  • 2
  • 18
  • 35
1
vote
1 answer

Is there gss/kerberos auth support on client side of apache mina sshd core version 1.3.0 release

I have been using apache-mina-sshd to write a java ssh client to connect to an ssh server using kerberos[GSS/keytab] authentication. but i didn't find any useful resource to do it. Can any one say whether sshd support client side GSS authentication…
Naruto
  • 53
  • 9
1
vote
2 answers

Weblogic 12c kerberos application

I have written an application which extends CAS 3.5.3 CAS supports Kerberos protocol for authentication. So when I deploy this application on tomcat/jboss etc, I am able to login to my application via Kerberos. I have done settings on jboss. However…
Nikhil L
  • 175
  • 1
  • 3
  • 16
1
vote
0 answers

Kerberos Authentication. Defective token detected

I developing a web application with kerberos (v1.0.1) authentication. My aim is to provide a login through the windows authentication Active Directory (Windows Server 2008 R2). The problem is that the browser send to the Back End NTLM ticket instead…
Matteo Codogno
  • 1,569
  • 6
  • 21
  • 36
1
vote
0 answers

Access rest service which is secured with kerberos

I have deployed two war files in two nodes in the same JBoss server. I want to access a REST service from a Java class. But it is throwing a HttpClientErrorException: 401 Unauthorized. The application is secured with Kerberos so user is already…
Milinda Saranga
  • 205
  • 3
  • 13
1
vote
0 answers

Configuring GSSAPI and Cyrus SASL

I've been trying to configure GSSAPI and Cyrus SASL, following this guide. It seems pretty straightforward, except for the very first step, "1. Compile the Cyrus-SASL distribution with the GSSAPI plugin for your favorite GSS-API mechanism." I can't…
Garretonzo
  • 11
  • 2
1
vote
1 answer

Using krb5 API to get credential and use it to access secure HDFS

So problem is to access a Kerberos secured HDFS, using C++, given a keytab. Somehow I must use krb5 APIs and a keytab to authenticate the program and furthur access the HDFS. So for example, if I use krb5_get_init_creds_keytab to get credentials, I…
pythonician_plus_plus
  • 1,244
  • 3
  • 15
  • 38
1
vote
1 answer

Kerberos + Wildfly 9: GSSAPI: No implementation found

I'm trying to authenticate users using wildfly console to kerberos. I followed the guide:…
Peter Butkovic
  • 11,143
  • 10
  • 57
  • 81
1
vote
0 answers

The specified principle is not known in the authentication system

I have a C# client based on SSPI and Java server based on GSSAPI. The flow communication flow is as below. Client creates TGT Client passes TGT to server Server uses the TGT and generates server token Server passes the server token to…
Hasanthi
  • 1,251
  • 3
  • 14
  • 30
1
vote
1 answer

Error: Java GSS-API with SPNEGO: Server not found in Kerberos database (7)

I'm trying to get this tutorial to work: https://docs.oracle.com/javase/8/docs/technotes/guides/security/jgss/lab/part5.html I'm running a Kerberos KDC on a VM and used this guide for setting it up:…
J. Horn
  • 19
  • 1
  • 3
1
vote
2 answers

JAAS Kerberos not adding keys from keytab as I expect

So I'm trying to implement a SSO/Integrated security system for an AIX server (so IBM JRE). It uses Kerberos to authenticate against AD. Keep in mind the data below is sanitized. Command my AD admin used to create the keytab file on the AD server…
zeusalmighty
  • 1,374
  • 2
  • 8
  • 17
1
vote
0 answers

MIT Kerberos tool makes JAAS able to access the Windows LSA? How to do it without the tool

Running a Java app using JAAS i got a surprising effect: The Java client-application wasn't able to access windows LSA, until i installed the MIT Kerberos tool 'kfw-4.0.1-i386.msi' ? The JAAS conf file settings: WEBSTART_CLIENT_CONTEXT { …
Houtman
  • 2,819
  • 2
  • 24
  • 34
1
vote
0 answers

Spring LdapContextSource authentication with GSSAPI

Is it possible to authenticate Spring LDAP context (LdapContextSource) source with GSSAPI Map baseEnvironmentProperties = new HashMap(); LdapContextSource contextSource= new LdapContextSource(); …
user2263197
  • 97
  • 1
  • 12
1
vote
1 answer

Java 1.8 JAAS doesn't recognize the principal in my own generated keytab

Java can't find my principal name in my own keytab file? I was expecting Java JAAS module to generate a TGT when it finds the principal in my keytab file. I also used kinit on the same keytab file and that does work. Although JAAS finds the keytab…
Houtman
  • 2,819
  • 2
  • 24
  • 34
1
vote
1 answer

Passing Kerberos ticket as parameter in SOAP web service call

Any tips on how to accomplish the following would be appreciated: Application A needs to call a SOAP web service (Application B) for a given user. Application A has authenticated the user using our own internal web security processes and knows the…
Jeff F.
  • 11
  • 4
1 2 3
18 19