Stack Overflow
Stack Overflow

Questions tagged [gssapi]

GSS-API is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

Generic Security Service Application Program Interface () provides vendor-neutral authentication services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments.

Commonly-used negotiation mechanisms include and during transactions between client and server.

GSSAPI is defined in RFC 2743.

274 questions
0
votes
0 answers

Apache Fallback Authentication from GSSAPI to Mellon

I have an Apache server where users authenticate to a website through Kerberos/GSSAPI (mod_auth_gssapi). In the event of a user attempting to visit the site externally (not available on the network ldap server), I would like to fallback to SAML…
Millions of Peaches
  • 1
  • 3
0
votes
0 answers

How to config Waffle Windows SSO to use only Kerberos not NTLM V2?

Seems waffle-spring-security4 is only configured to use NTLM, not Kerberos. But Kerberos tickets need to perform user delegation and run the openSSH by GSSAPI authentication. NTLM and Kerberos(successor) both are different authentication protocols…
Chandru
  • 81
  • 1
  • 9
0
votes
1 answer

Populating LoginContext

Is there anyway i can populate a LoginContext rather than using the callbackhandler? my program will recieve username and password (what the callbakchandler deals with),i want to use them rather than manually input the information. Is there anyway…
owdo
  • 11
  • 2
0
votes
1 answer

Can't authenticate using SSH on Kerberos client from Kerberos server

I have a Kerberos server and a Kerberos client on one Realm. Both of these machines have OpenSSH Server and Client installed and configured in the same way to use Kerberos GSSAPI authentication. I can easily connect from the client to the server but…
Bnr
  • 33
  • 5
0
votes
1 answer

Adapting the forwarding to Flask application with routes and static files with the Apache 2

There is a Flask Application running on the http://servername.com:5000/. It encapsulates some Bootstrap and static files provided in gis_webapp/static/... which works the way it should. This is the tree of the project: gis_webapp ├── __init__.py ├──…
Taras
  • 266
  • 6
  • 23
0
votes
1 answer

Kerberros GSSAPI doesn't work within kafkacat alpine container

Previously I've reported it into kafkacat tracker but the issue has been closed as related to cyrus-sasl/krb5. podman run --rm -it --name kafkacat-DEV \ -v$(pwd)/conf/integration:/conf -v$(pwd)/conf/integration/krb5.conf:/etc/krb5.conf \ …
Hubbitus
  • 5,161
  • 3
  • 41
  • 47
0
votes
1 answer

Kerbtray realm and kdc for java gss-api

I'm using kerbtray.exe on Win7. How do I know exactly what the realm and kdc is for a java gss-api login?
hawkeye
  • 34,745
  • 30
  • 150
  • 304
0
votes
1 answer

how to connect to multiple-server- machine in GSS?

There some machines: client C1, server : master, s1, s2 C1 connect to master and do the authentication, then the job runner was created at s1 and s2, C1 and s1, s2 need security communication. how to do this through Kerberos/GSS-API. master , s1…
Da Ma
  • 391
  • 4
  • 17
0
votes
0 answers

kerberos token using java GSS API which is equivalent to token created while singing in to Windows

Is it possible to generate a kerberos token using java GSS API which is equivalent to token created while singing in to Windows. i.e. Is it possible to create a self sign kerberos token using GSS APIs. Using below code when Server name is provided,…
Siva Ganisetti
  • 1
0
votes
1 answer

Kerberos GSSAPI AD Authentication fails

I've an apache httpserver on centos 8. I've to protect a specific location with kerberos module and i'm using GSSAPI mod. I've configured the kerberos client and the kinit test seems fine: [root@test etc]# kinit -V Using principal:…
Gabriele
  • 21
  • 2
  • 5
0
votes
0 answers

Kerberos authentication with OpenLDAP

I am doing development to perform Kerberos authentication from openldap with cyrus-sasl-2.1.26 libraries. However I am new to this area. Hence I have many queries. Can I get some leads here. I see the gssapi.c in libldap has wrappers which invoke…
sreedhar
  • 21
  • 4
0
votes
0 answers

Kerberos authentication (GSSAPI) in Apache Kafka 6.0 uses Pre windows 2000 names format

I trying to make Apache Kafka protected using SASL_SSL and GSSAPI mecanism. Everythnig is workin properly apart from the fact that the Authentication names used by Kafka are the "pre-windows 2000" formatted names instead of the "standard" new…
Jerome
  • 61
  • 9
0
votes
0 answers

Failed to create consumer: No provider for SASL mechanism GSSAPI:Current build options: PLAIN SASL_SCRAM OAUTHBEARER

I m trying to create a consumer but getting error "Failed to create consumer: No provider for SASL mechanism GSSAPI: recompile librdkafka with libsasl2 or openssl support. Current build options: PLAIN SASL_SCRAM OAUTHBEARER". where, in consumer,…
Kavita Jain
  • 90
  • 1
  • 9
0
votes
0 answers

Connecting to LDAPS with GSS and Channel Binding

I'm trying to bind to an Active Directory server with GSS on a Windows computer that is logged in as a domain user. Normally, this works fine. But when signing and binding is being enforced (see…
thetechnician94
  • 545
  • 2
  • 21
0
votes
0 answers

Kerberos cannot use ticket cache in Java code

I had a service which tries to use kerberos ticket cache but I always get error like Caused by: java.lang.RuntimeException: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos credentails). If I do not use…
Bostonian
  • 615
  • 7
  • 16
1 2 3
18 19