Stack Overflow
Stack Overflow

Questions tagged [gssapi]

GSS-API is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

Generic Security Service Application Program Interface () provides vendor-neutral authentication services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments.

Commonly-used negotiation mechanisms include and during transactions between client and server.

GSSAPI is defined in RFC 2743.

274 questions
2
votes
2 answers

Is it possible to integrate Kerberos authentication into Jetty 6?

We currently have an application that runs an embedded jetty 6.1.14 server to which we need to add authentication via Kerberos. I'm new to Kerberos, which makes the task about 100x harder that maybe it should be. I've scoured the internet and have…
Smashing Hamilton
  • 21
  • 3
2
votes
2 answers

KDC - From where we got the server?

I'm trying to perform kerberos authentication using java. I enabled debugging. When trying to connect to the LDAP using the tgt, I'm getting (the server names were changed): getRealmFromDNS: trying srv1.myserver.com getRealmFromDNS: trying…
Matan
  • 680
  • 2
  • 14
  • 24
2
votes
1 answer

Need to determine proper SPN for svn/svnserve authentication via GSSAPI to Win 2008 AD

I am setting up a Windows-based Subversion setup via SVNSERVE under which users authenticate to Active Directory via SASL and the GSSAPI. I know that some providers offer pre-packaged installations of Subversion with integrated AD support out of the…
David W
  • 10,062
  • 34
  • 60
1
vote
0 answers

How to run an SSH command on a remote machine using JSCH via GSSAPI/Kerberos in a Java web app with Waffle SSO auth/JAAS?

I am using a Java Spring Boot application with Waffle SSO library waffle-spring-security4 2.0.0 and have installed and configured MIT Kerberos. The ticket cache is working fine, and running "kinit" creates Kerberos tickets in the ticket cache…
Chandru
  • 81
  • 1
  • 9
1
vote
0 answers

Getting error connecting to Kafka Kerberos

getting this error :- SASL authentication error: SASL handshake failed (step): SASL(-1): generic failure: GSSAPI Error: An invalid name was supplied (Success) (after 25ms in state AUTH_REQ) kinit command is working fine with the keytab file, need to…
Siddhant Tripathi
  • 11
  • 1
1
vote
0 answers

Arcgis & Python: Azure YAML pipeline fails with "Command 'krb5-config --libs gssapi' returned non-zero exit status 127."

I am deploying my Python code to an Azure Function with Python runtime 3.9, using the following yaml pipeline: trigger: branches: include: - dev - test - uat - prod pool: vmImage: ubuntu-latest stages: - stage:…
FaCoffee
  • 7,609
  • 28
  • 99
  • 174
1
vote
1 answer

GSSAPI Docker Installation Issue - /bin/sh: 1: krb5-config: not found

I successfully tried out GSSAPI to generate kerberos tickets in my Python app locally on my Mac. Now I am trying to package this as a Docker image. When I try to build the image I keep getting this error: ------ …
KSS
  • 821
  • 3
  • 10
  • 26
1
vote
0 answers

golang:1.19-alpine does not pull latest librdkafka package

I have Kafka consumer Golang application. I'm trying to deploy it in PKS cluster. Here is the docker file that I have defined, FROM golang:1.19-alpine as c-bindings RUN apk update && apk upgrade && apk add pkgconf git bash build-base sudo FROM…
Pramit Pakhira
  • 135
  • 1
  • 8
1
vote
1 answer

Dockerfile configuration for GSSAPI with SASL_SSL support for alpine based Go image

I have a Confluence Kafka consumer written in Golang. I am trying to deploy it in a PKS cluster. The Kafka config looks like…
Pramit Pakhira
  • 135
  • 1
  • 8
1
vote
0 answers

SSH GSSAPIAuthentication/Kerberos works in CMD but not working from Java program

We are in the corporate windows AD network, When we try to execute the below SSH command in CMD, it works fine, ssh -o GSSAPIAuthentication=yes userid@servermachine.xyz.com We have tried to run the above command for the other colleagues using the…
Chandru
  • 81
  • 1
  • 9
1
vote
0 answers

RHEL8 and GSSAPI Kerberos authenticate through Apache issue

I'm trying to run an apache virtualhost, on a machine currently running Red Hat Enterprise Linux release 8.5 (Ootpa), with Kerberos authentication using the new GSSAPI module (replacement of mod_auth_kerb). I also configured LDAP directives to…
Wrest
  • 113
  • 1
  • 11
1
vote
1 answer

Build libssh with vcpkg enable gssapi

I'm trying to build libssh with vcpkg for windows x86 but i need to enable gssapi support. With standard command vcpkg install libssh i'm getting an dynamic library but the log files shows that gssapi support isnt build in. [1/2] cmd /c "cd…
Marco
  • 129
  • 1
  • 9
1
vote
3 answers

For some reason when I link against Oracle GSS starts behaving differently (Solaris)

My test program works fine. I can create a client and a server and run them against each other. I can set my KRB5_CONFIG environment variable and use a local configuration for testing. For some reason when I place the code in our production software…
Richard Corfield
  • 717
  • 6
  • 19
1
vote
0 answers

getgrouplist behaviour in Single Sign-on using (GSSAPI) vs Username/Password login via PAM

I have a program(C, Redhat) which lets the user login using Single Sign-on via GSSAPI/(Kerberos) or username/password via PAM. After the login the user groups are fetched from Active Directory using getgrouplist function. Now if I change the user…
ekhanad
  • 154
  • 2
  • 8
1
vote
3 answers

Confusion about Java App auth in AD based on Kerberos MSLSA ticket cache

The task is to get myapp to auth in AD using Kerberos ticket cache from MSLSA with no password prompting and without keytab. Right now I'm able to get TGT cache — which is FORWARDABLE and PROXIABLE — but I'm getting this exception in…
showgazer
  • 91
  • 1
  • 1
  • 5
1 2 3
18 19