Stack Overflow
Stack Overflow

Questions tagged [gssapi]

GSS-API is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

Generic Security Service Application Program Interface () provides vendor-neutral authentication services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments.

Commonly-used negotiation mechanisms include and during transactions between client and server.

GSSAPI is defined in RFC 2743.

274 questions
1
vote
0 answers

Send via SMTP using GSSAPI authentication with Python or Perl

Our SMTP server supports the GSSAPI AUTH mechanism. I would like to write a script, preferably in Python 3 or Perl, that does an e-mail send to the SMTP server using GSSAPI. I can send using username and password with Python3's smtplib, but how do I…
rlandster
  • 7,294
  • 14
  • 58
  • 96
1
vote
3 answers

GSS-API Java strange error

I'm running the following tutorial: http://download.oracle.com/javase/6/docs/technotes/guides/security/jgss/tutorials/BasicClientServer.html I'm getting the following prompts: Connected to server localhost/127.0.0.1 Kerberos username [login]: {I…
hawkeye
  • 34,745
  • 30
  • 150
  • 304
1
vote
1 answer

How to use GSS-SPNEGO for ldapsearch bind

I would like to use ldapsearch for an authentication test to a remote Windows server from a Linux instance (Amazon Linux OS). Kerberos bind is working via GSS-API installed from package cyrus-sasl-gssapi, is there an equivalent package that can be…
Grant
  • 11
  • 2
1
vote
1 answer

Not able to connect to DB in php with mariadb gssapi, authentication method unknown to client

I am trying to auth users with gssapi using mariadb gssapi plugin in php on a local installation with xampp. I have set up xampp and a local installation which works. Now i want to connect to the db by using the windows ldap user and gssapi…
Michael
  • 13
  • 6
1
vote
1 answer

Configure gssapi to connect PostgreSQL server using AD

I'm trying to connect Postgres server with the gssapi protocol. User accounts have been created in Active Directory. I used the following commands: postgres@xxxxx:John $ ktutil ktutil: add_entry -password -p POSTGRES/myserver.domain.com -k 1 -e…
Fabrice Chapuis
  • 448
  • 1
  • 5
  • 19
1
vote
1 answer

How to communicate with two different KDC servers from single Java client program using Java GSS-API and Kerberos 5?

I am using Java GSS-API with Kerberos for secure Authentication. I implemented sample Server and sample Client programs, and Client is able to successfully authenticate and get the service from Server. For these sample programs I passed the KDC…
Prashanth Reddy
  • 13
  • 3
1
vote
1 answer

Mariadb build error on amazon linux 2 - auth_gssapi error

While building mariadb in Amazon linux 2 from a code repo (its not sudo yum install from mariadb external source), I am getting this error as below. Looks like the authentication setup/parameter/code issue. Can someone help? I have found this link:…
dbNovice
  • 399
  • 2
  • 4
  • 18
1
vote
0 answers

Why is Perl Net::LDAP with GSSAPI SASL bind connecting with wrong sasl_ssf on Debian buster?

I have a Perl script to read from an OpenLDAP instance using Net::LDAP with a GSSAPI bind. The script works fine on Debian stretch but fails on Debian buster. Note that on both servers the line at the bottom of the Perl code that runs ldapsearch…
rlandster
  • 7,294
  • 14
  • 58
  • 96
1
vote
0 answers

Unable to consume messages with SASL_SSL and Kerberos, even with authentication pass

Environment Information OS: Ubuntu Node Version: 10.18.1 NPM Version: 6.13.4 C++ Toolchain: g++ node-rdkafka version: 2.8.1 I am trying to consume messages from an enterprise kafka cluster using the node-rdkakfa library. The cluster is secured…
SOUPTIK BANERJEE
  • 143
  • 3
  • 10
1
vote
1 answer

python: binding via kerberos to the ldaps port

I can connect to an Active Directory server using the ldap port and SASL (using gssapi to do kerberos) as follows: import ldap, ldap.sasl, sys server = 'ldap://server.domain.tld' sasl_auth = ldap.sasl.sasl({} ,'GSSAPI') conn =…
Adam Benjamin
  • 61
  • 7
1
vote
0 answers

What is the Purpose of "isInitiator" flag in Krb5LoginModule?

I am working on Kerberos delegation, where I wish to impersonate the user based on incoming ticket, and make the connection to third party system. My observation is, context.getCredDelegState() returns true only when isInitiator flag from the…
Bhushan Karmarkar
  • 625
  • 7
  • 22
1
vote
1 answer

Java 11: Kerberos using GSS API

I'm upgrading a project to Java 11. I realized that some of the internal packages such as sun.security.krb5.Config & sun.security.krb5.KrbException are no longer "visible" due to modules. Few examples of how the codebase is consuming these packages…
Vivek Shankar
  • 770
  • 1
  • 15
  • 37
1
vote
1 answer

GSSAPI authentication fails for Redmine

I have configured SSO for Redmine on Apache with Kerberos + GSSAPI. It works OK for the first time. But I postponed this configuration and when I setup it again SSO auth fails with the following error in httpd error log: [http:trace4] [pid 29360]…
alexBl
  • 33
  • 1
  • 5
1
vote
0 answers

SSPI client requires less iterations than GSSAPI server

I'm using nsspi to call SSPI APIs from a C# application for the client side. I'm using cyrus sasl with a MIT Kerberos GSSAPI implementation on the server side. The two protocols seem to talk to each other but the server seems to require more…
Dean
  • 6,610
  • 6
  • 40
  • 90
1
vote
1 answer

How to logon a user on a server and run a process given a Kerberos Ticket

How does authentication and logon work on Windows with Kerberos? What I want to achieve is to logon a user on a server and run a process for that user. As a first step, I create a Kerberos ticket on the client and send it to the server. On the…
Spiegelritter
  • 806
  • 1
  • 7
  • 16
1 2 3
18 19