Questions tagged [kerberos]

Kerberos is a single sign-on (SSO) network authentication protocol designed to allow nodes, communicating over a non-secure network, to prove their identity to one another in a secure manner.

Kerberos is a single sign-on (SSO) network authentication protocol which uses symmetric cryptography and is defined in RFC 4120. Its design is based on usage of a trusted third-party (the key distribution center "KDC") which allows IP hosts to communicate over a non-secure network to prove their identity to one another in a secure manner. The PKINIT extension (RFC 4556) adds support for public-key cryptography.

Kerberos authentication in web browsers and HTTP clients is supported via the SPNEGO mechanism (RFC 4559). In other software, the GSS-API (RFC 4121) interface is commonly used to perform Kerberos authentication.

Kerberos supports one-time password (OTP) tokens for multi-factor authentication (RFC 6560).

See the Wikipedia article for more information.

3522 questions

votes

3 answers

"GSSException Defective token detected" - when trying to Authenticate to Tomcat running on Windows using Kerberos

I am struggling to authenticate to a Java web container (I've tried both Tomcat and Jetty) when running on Windows 2012. Every time I try the Negotiate auth scheme I get an error: org.ietf.jgss.GSSException: Defective token detected (Mechanism…

asked Nov 10 '17 at 16:31

Nicholas DiPiazza

10,029
11
83
152

votes

3 answers

How to test if a kinit is needed?

I would like to add something to my .bashrc file to run a kinit if I need one. Is there a way to test if I need to do a kinit? Something like this: if [ kinitNeeded ]; do kinit; done kinitNeeded() { ??? }

bash hadoop kerberos

asked May 16 '16 at 18:09

anthonybell

5,790
7
42
60

votes

2 answers

npm install mongoose causes gyp and kerberos errors (gssapi/gssapi.h file not found)

Ubuntu 14.04 nodejs version is v4.1.1 installed with these commands: curl -sL https://deb.nodesource.com/setup_4.x | sudo -E bash - sudo apt-get install -y nodejs mongodb installed via mongodb docs tutorial Next I tried installing mongoose by…

node.js ubuntu mongoose kerberos node-gyp

asked Oct 03 '15 at 06:22

CaffeinateOften

votes

9 answers

Kerberos - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC

I'm trying to setup SSO for Java WebApp using Kerberos/SpNego. I'm using: Java 1.7u67 org.springframework.security.kerberos 1.0.0.RELEASE Active Directory Tomcat 7 on Linux After overcoming the problem discribed in How to configure kerberos on…

java kerberos spnego spring-security-kerberos

asked Aug 07 '15 at 11:49

Gunnar Kiesel

votes

6 answers

Kerberos authentication in Node.js https.get or https.request

I'm trying to write a simple script that requests some data from a tool on an internal network. Here is the code: #!/usr/bin/node var https = require('https'); var fs = require('fs'); var options = { host: '', port: 443, path:…

javascript node.js https kerberos

asked Nov 20 '13 at 14:42

mart1n

5,969
5
46
83

votes

1 answer

Java and Kerberos authentication krb5.conf versus System.setProperty

Please help me on a kerberos+Java problem. I have a simple Java program to authenticate to a Windows Active Directory using Kerberos. The following java code works fine without any problems and prints true- public class KerberosAuthenticator { …

java kerberos jaas

asked Sep 16 '09 at 09:40

Keshav

4,408
8
31
50

votes

2 answers

How to transform NTLM credentials to Kerberos token in Node.js

I want to build a server using Node.js, which acts as some kind of proxy. The clients that connect to my server use NTLMv2 for authentication (there is no chance to change this), but the upstream server my server shall connect to requires a Kerberos…

node.js kerberos ntlm ntlm-authentication ntlmv2

asked Jul 08 '19 at 13:47

Golo Roden

140,679
96
298
425

votes

1 answer

Kerberos authentication with python

I need to write a script in python to check a webpage, which is protected by kerberos. Is there any possibility to do this from within python and how? The script is going to be deployed on a linux environment with python 2.4.something…

python security kerberos

asked Feb 13 '09 at 09:15

dertoni

1,763
2
24
47

votes

6 answers

Script Kerberos Ktutil to make keytabs

I want to make a script that will generate the a keytab using ktutil. When running the script I want to use [user]$ script.sh PASSWORD #script.sh echo "addent -password -p PRINCIPAL -k 1 -e aes256-cts-hmac-sha1-96" | ktutil Ktutil than needs a…

bash passwords pipe kerberos keytab

asked May 26 '16 at 07:31

OrigamiEye

votes

2 answers

How to validate a Kerberos ticket against a server in Java?

we are using JAAS to enable Single Sign On in a Java application using the Windows Kerberos ticket cache. Our jaas.conf config file looks like this: LoginJaas { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true …

java active-directory single-sign-on kerberos jaas

asked Feb 09 '10 at 17:14

user269667

votes

2 answers

Enable detailed logging for Kerberos in Java

I have a Java-based web application that takes the contents of a web form containing a username and password and authenticates using Kerberos to a Windows-based domain. The KDC address is apparently configured to map to different IP addresses at…

logging kerberos

asked Mar 13 '13 at 10:00

Mark Wardle

votes

6 answers

Single Sign-On Server Authentication in Ruby/Rack

I write and host web applications on Windows servers for intranet usage. My server stack uses Sinatra (which uses Rack), Thin, and (in some cases) Apache for reverse-proxying only. I want to support Single Sign-on (using NTLM or Kerberos) within our…

ruby active-directory rack kerberos ntlm

asked Apr 16 '11 at 16:54

Phrogz

296,393
112
651
745

votes

1 answer

R and Windows Authentication

We have a data server set up in IIS using Windows Authentication (Kerberos). Does anyone know how to call web services (GET and POST) from R authenticating against the Windows identity?

r authentication kerberos rcurl

asked Jul 27 '16 at 09:37

Roland Buergi

1,157
9
23

votes

1 answer

HttpClient set credentials for Kerberos authentication

I am trying to authenticate with a kerberos/HTTP host. Using Apache HttpClient as my client - and a slightly modified version of this source. My Kerberos authentication goes perfectly fine, and I wish to know how to set the login credentials…

java authentication httpclient kerberos userprincipal

asked Feb 07 '14 at 13:34

Alavalathi

votes

2 answers

ASP.Net web application trying to use Impersonation and Delegation to connect to SQL Server

I'm trying to use Impersonation and Delegation in an intranet ASP.Net web-app in order to pass authenticated users' credentials onto a SQL Server. The web server and SQL server are two separate machines, but in the same domain, so Delegation is…

asp.net iis-7 kerberos delegation

asked Jan 20 '10 at 11:52

Graham Clark

12,886
8
50
82

Prev 1 2

…

99 100 Next