Questions tagged [gssapi]

GSS-API is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

Generic Security Service Application Program Interface () provides vendor-neutral authentication services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments.

Commonly-used negotiation mechanisms include and during transactions between client and server.

GSSAPI is defined in RFC 2743.

274 questions
1 vote, 1 answer

SASL-GSSAPI on windows fails during bind

I have tried the below lines of code on RHEL and it works so great. On Linux I just have to acquire the Kerberos ticket. import ldap import ldap.sasl conn=ldap.initialize('ldap://auto.test-auto.com',trace_level=2) conn.set_option(ldap.OPT_PROTOCOL_VERSION,…
Susant
1 vote, 0 answers

SVN Authentication for encrypted passwd or SASL-GSSAPI

We currently use the auth_ldap with apache for authentication and due to security compliance we have to change the auth for SVN. The requirement is pretty simple. Users cannot save password unencrypted locally on clients. Of course, the password can…
1 vote, 1 answer

ldap_sasl_bind - GSSAPI for NTLM authentication

Does ldap_sasl_bind_s support NTLM authentication via GSSAPI? It seems that this is variable to the underlying implementation (GSSAPI for NTLM authentication). I am trying to use NTLM authentication to an Active Directory server.
1 vote, 2 answers

gss_init_sec_context return No credentials cache found (Windows, C++)

I try to use gssapi32.dll in my application but I receive an exception when the app starts, name like 'HTTP/proxy.domain.com@domain.com'. I saw this name in Kerberos Ticket Tools but I receive "No credentials cache found". Maybe anybody already has similar…
Galbarad
1 vote, 1 answer

Java GSSAPI: Compare two GSSCredential Instances

My code currently works fine executing SPNEGO (Kerberos) authentication for users of my website. I have a special caching mechanism in place to accelerate some decisions based on confirmation of the user's identity. For plain password…
Diego Rivera
0 votes, 1 answer

Using TGT acquired in Java for SSH/Other applications

Currently, I am able to authenticate users in a java application by using JAAS and grabbing the ticket-granting-ticket that is sent from a Windows server running Active Directory. This is easily done with the Krb5LoginModule in java. Now I would…
Kevin S
0 votes, 0 answers

Kerberos SSO with Apache and Zammad not working

I want to introduce the ticket system Zammad with SSO, but after days of configuration it's not working. The LDAP source is Active Directory. I installed it on Debian 12 and switched from Nginx to Apache as described in the SSO tutorial from…
0 votes, 0 answers

Authenticate against a remote system in Eclipse using GSSAPI

When I'm trying to connect to a remote system in Eclipse using GSSAPI, Eclipse asks me for the active directory user's password. I know that there are configurations in Eclipse "Preferences" -> "Network Connection" -> "SSH2" -> "Authentication…
0 votes, 0 answers

Access to LDAP using a keytab in Java

I want to access an LDAP directory in Java using a keytab. However, my keytab appears as null. Password access works with this code after the logincontext has been created (I get my tickets in kerberos): Hashtable env = new…
0 votes, 0 answers

Connect node app to MongoDB without kerberos

I'm trying to access a MongoDB DB in our dev environment which is hosted on Unix servers and seems to use some GSSAPI authentication. For our deployed spring java and node microservices, it is hosted on OpenShift along with several files like…
CaptainObv
0 votes, 0 answers

SunJGSS in FIPS mode

I need to use "SunJGSS" as one of the security providers in a FIPS environment. Is there a FIPS version of the "SunJGSS" Provider or if the underlying JCE/JCA is a FIPS provider meant to use the FIPS crypto impl and qualify to be a FIPS…
Kedarnath
0 votes, 0 answers

How do I use Kerberos tickets to execute commands via SSH on a remote server?

I would like to host a web service (Jupyterhub) which executes the following steps for a user: (1) Acquire Kerberos ticket from user; (2) Use Kerberos ticket to spawn batch job on remote server. Therefore, I would need some python snippet to handle the…
Hoeze
0 votes, 1 answer

How to set preferred Kerberos/GSSAPI library in ssh config file?

I can connect to a remote host using Kerberos in PuTTY on Windows 10, but I cannot do the same thing in VS Code. In PuTTY, there is a setting (see below) that specifies the order of GSSAPI libraries: Since this answer states that Windows "has two…
SamTulster
0 votes, 0 answers

I already installed krb5-devel and confirmed the krb5-config command is present, but when installing gssapi I got krb5-config not found

I have a container file that uses the base image of fedora 37. I want to install some python libraries and some of them require gssapi. I know that gssapi requires krb5-devel. I have a step to install that and I can confirm that it works by calling…
Jane
0 votes, 0 answers

How to verify user credentials against company's LDAP-Server via PHP (Server is accessible via LDAP Admin)?

I am trying to write an application in PHP that verifies user credentials against the company's LDAP server. The application runs on a virtual (Debian) Server located inside the company. What I have accomplished so far is installing "LDAP Admin" on…
Paco