Stack Overflow
Stack Overflow

Questions tagged [gssapi]

GSS-API is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

Generic Security Service Application Program Interface () provides vendor-neutral authentication services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments.

Commonly-used negotiation mechanisms include and during transactions between client and server.

GSSAPI is defined in RFC 2743.

274 questions
1
vote
0 answers

mongodb sasl unable to find a callback 32775

I installed a MongoDB server 4.0 Enterprise Edition on a Windows Server 2012 R2 and configured kerberos authentication following the official documentation…
Stéphane Goarzin
  • 11
  • 1
1
vote
0 answers

Single Sign On with weblogic 12c using Kerberoes ( Active Directory and LDAP)

I have been trying this since last week but no luck so far. Trying to enable SSO using the weblogic12c on windows and AD (using LDAP) 1) Created a brand new user , enabled AES 128 for him 2) Executed the following commands on AD setspn -S…
Abhishek Yadav
  • 35
  • 1
  • 9
1
vote
0 answers

Delay in fetching kerberos tokens : python gssapi securitycontext

Hi I'm using a python function as follows for fetching kerberos tokens def get_token(server): service = gssapi.Name("HTTP@%s" % server, gssapi.NameType.hostbased_service) ctx = gssapi.SecurityContext(name=service, usage="initiate") …
unnikrishnan r
  • 11
  • 1
1
vote
1 answer

GSSAPI-Auth with PHP to MariaDB (Windows)

I'm currently working on Single Sign On to a Database-Server in a clean Windows Domain Environment. And as MySQL Enterprise and MSSQL servers are currently no option, it came down to MariaDB with the GSSAPI plugin. That's what I currently…
TheSkyGuy
  • 13
  • 4
1
vote
1 answer

Cross domain/realm authentication

Here is my problem: I can't find any document on cross domain authentication with java+kerberos. I have to authenticate against distant LDAP on other realm. How can we do that in java? Thank you EDIT: Here is my…
BigMac
  • 39
  • 6
1
vote
1 answer

How could I obtain GSSAPI credentials without having krb5.keytab on user machine?

I'm getting the following error when trying to obtain GSSAPI credentials on my machine: server_creds = gssapi.Credentials(usage='init', name=server_name) GSSError: Major (851968): Unspecified GSS failure. Minor code may provide more information,…
vdudouyt
  • 843
  • 7
  • 14
1
vote
1 answer

can the return value from finish in gdb be different from the actual one in execution

I am a gdb novice, and I was trying to debug some GSSAPI code, and was using fin to see the return value from the frame. As seen in the snip pasted below, the call from gssint_mechglue_initialize_library() seems to be 0 but the actual check seems to…
Kilokahn
  • 2,281
  • 1
  • 25
  • 50
1
vote
1 answer

automate TGT renewal

I’m automating a service that needs to access a kerberized resource. Passwordless kinit with a keytab works fine. The resource is then connected to using SASL. Is there a way, maybe via GSSAPI or libkrb5, to ensure a TGT is present whenever the…
phg
  • 286
  • 4
  • 15
1
vote
0 answers

Unable to get S4U2 proxy working

I have a requirement as follows: Client1 interacts with Service1 which in turn interacts with Service 2. The interaction with Service 2 should happen on behalf of Client1. Authentication being used here is kerberos, and I have few issues in …
Krishna Mothukuri
  • 53
  • 4
1
vote
1 answer

How do I make a HTTP GET request to a Kerberos protected site using Elixir (or Erlang)?

Essentially I would like to do this (Python) but in Elixir: import requests from requests_kerberos import HTTPKerberosAuth, OPTIONAL kerberos_auth = HTTPKerberosAuth(mutual_authentication=OPTIONAL) r = requests.get("http://example.org",…
Luxspes
  • 6,268
  • 2
  • 28
  • 31
1
vote
1 answer

Connecting to ldap using GSSAPI. Wrong service principal

I'm trying to connect to ldap server using SASL. I'm connecting using url ldaps://ldap.example.com but server hostname is host.example.com. ldap.example.com is cname for host.example.com. My program is trying to get service ticket for…
maxmati
  • 63
  • 1
  • 7
1
vote
2 answers

Unable to create a branch in subversion using TortoiseSVN

Unable to create a branch in subversion using TortoiseSVN. I get the following error message: SVN authorization failed: could not authenticate to proxy server: ignored basic challenge, GSSAPI authentication error Source…
VivekRatanSinha
  • 596
  • 1
  • 4
  • 17
1
vote
1 answer

Unable to compile Secure Authentication Using SPNEGO Java GSS Mechanism

I am trying to run the example GssSpNegoClient.java at the java tutorial Secure Authentication Using SPNEGO Java GSS Mechanism and I am not able to compile because of a line: Jaas.loginAndAction("client", action); The compiler is complaining that…
Manish Mishra
  • 796
  • 6
  • 21
1
vote
1 answer

how to use gss_import_name correctly?

I am using gss_import_name on the client side using GSS_C_NT_HOSTBASED_SERVICE to get a principal like service/server-host@realm. I am calling like this, gss_import_name(status, "SERVICE", GSS_C_HOSTBASED_SERVICE, output_name); But i get the…
kalyan
  • 3,076
  • 1
  • 22
  • 29
1
vote
0 answers

Protocol for sending GSS Tokens

I've been trying to work out how to use GSSAPI to authenticate with an IIS server on an Active Directory domain by working through the code for tutorials from Oracle and I'm having trouble establishing a context. The way the tutorial sends tokens is…
dram
  • 97
  • 1
  • 8
1 2 3
18 19