Questions tagged [kerberos]

Kerberos is a single sign-on (SSO) network authentication protocol designed to allow nodes, communicating over a non-secure network, to prove their identity to one another in a secure manner.

Kerberos is a single sign-on (SSO) network authentication protocol which uses symmetric cryptography and is defined in RFC 4120. Its design is based on usage of a trusted third-party (the key distribution center "KDC") which allows IP hosts to communicate over a non-secure network to prove their identity to one another in a secure manner. The PKINIT extension (RFC 4556) adds support for public-key cryptography.

Kerberos authentication in web browsers and HTTP clients is supported via the SPNEGO mechanism (RFC 4559). In other software, the GSS-API (RFC 4121) interface is commonly used to perform Kerberos authentication.

Kerberos supports one-time password (OTP) tokens for multi-factor authentication (RFC 6560).

See the Wikipedia article for more information.

3522 questions

vote

1 answer

use WindowsIdentity/WindowsPrincipal to get SAML token for WS-Federation

Is there a way to use the native WindowsIdentity/WindowsPrincipal inside of a C# application running on a corporate domain to be able to request a SAML token from the domain's ADFS server so that the C# application can then make subsequent calls to…

asked Sep 21 '18 at 13:36

Brian

1,675
3
19
29

vote

2 answers

Performance difference Kerberos versus NTLM

I understand that Kerberos has better performance than NTLM. But does anyone have any figures or any experience of how much better it is?

performance kerberos ntlm

asked Mar 09 '11 at 10:09

Shiraz Bhaiji

64,065
34
143
252

vote

2 answers

MacOS Sierra & Kerberos

I am running MacOs High Sierra 10.13 I need to remotely access a kerberised web UI (Hadoop Cluster / Ambari / Oozie Service UI to be specific) For that I first need to edit/configure the kerberos conf file to add the realm before calling kinit…

macos kerberos

asked Sep 19 '18 at 15:52

Mehdi LAMRANI

11,289
14
88
130

vote

1 answer

Soapclient and the transfer of user Kerberos authentication

I am consuming services through Soapclient with a Kerberos authentication. A website is hosted in Server A and accessed through Kerberos authentication and web services is hosted in Server B and again accessed through Kerberos authentication. Web…

php kerberos soap-client

asked Sep 14 '18 at 09:31

geosom

vote

1 answer

How to logon a user on a server and run a process given a Kerberos Ticket

How does authentication and logon work on Windows with Kerberos? What I want to achieve is to logon a user on a server and run a process for that user. As a first step, I create a Kerberos ticket on the client and send it to the server. On the…

ssh kerberos windows-authentication gssapi sspi

asked Sep 13 '18 at 06:48

Spiegelritter

vote

0 answers

Apache Nifi publish to Kafka 0.10 with SASL failing

I am trying to publish data from Nifi 1.7.1 to Kafka 0.10 via SASL_Plaintext. We already tested that Kafka Brokers are available and receiving on our topic via Commandline on the Kafka Server. Still the PublishKafka_0_10 fails with the following…

apache-kafka kerberos apache-nifi

asked Sep 12 '18 at 10:57

jugi

vote

1 answer

Kerberos requesting for password after generating TGT

I have followed the below steps to set up the Kerberos server for centos. Inserted valid fqdn in /etc/hosts file. Changed realm name in /var/kerberos/krb5kdc/kdc.conf Changed realm name in /var/kerberos/krb5kdc/kadm5.acl Configured…

centos7 kerberos mit-kerberos

asked Sep 04 '18 at 06:32

Shubham Hasija

vote

1 answer

warning when enabling Kerberos on Hadoop

I am wanting to enable Kerberos on a Hadoop 2.5 cluster that has data in it we want to keep. Going into the Kerberos wizard in Ambari it warns: YARN log and local dir will be deleted and ResourceManager will be formatted... Will this harm the data…

hadoop kerberos

asked Aug 31 '18 at 14:54

simbo1905

6,321
5
58
86

vote

1 answer

Java Hbase Rest Client with Kerberos Authentication

I am trying to connect use Java HBase Rest Client to connect to my Hbase Server and it's showing authentication error. If I use the connection object and use scanner API, I can retrive the data, However not sure How to do this with Rest…

java hbase kerberos

asked Aug 30 '18 at 23:21

Gaurang Shah

11,764
9
74
137

vote

1 answer

Authorizing AD Group\User With HttpClient

I'm getting a 401 error whenever I attempt to get a response from HttpClient when I turn off Anonymous Authentication. StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers: { …

c# asp.net-mvc kerberos windows-authentication unauthorized

asked Aug 27 '18 at 18:20

Parrish Husband

3,148
18
40

vote

1 answer

CXF - How to properly configure Spnego with CXF 3.2.6

I'm trying to do create a CXF soap web service client to make soap calls with a Kerberos authenticated SharePoint instance. I import the following:…

java authentication cxf kerberos spnego

asked Aug 22 '18 at 19:52

Nicholas DiPiazza

10,029
11
83
152

vote

0 answers

SSRS 2017 Scaleout adding/editing Data Source issue in Chrome

I have setup SSRS 2017 Scaleout environment with two nodes and a load balancer. Users can login fine with both IE and Chrome but editing Data Sources works in IE but not in Chrome. Details below. Here are the high level Installation/Configuration…

reporting-services kerberos ssrs-2017

asked Aug 22 '18 at 00:16

Afroz

1,017
2
12
24

vote

1 answer

Kerberos Token asks to be called again to complete the context

I am attempting to obtain a Kerberos Token from a C# Application (not web-based, a standalone executable). I have referred to this question to figure out how to do it, but even trying both answers, I get the same problem. When I reach the GetToken…

c# .net single-sign-on kerberos sspi

asked Aug 20 '18 at 19:45

Kaito Kid

vote

1 answer

How to do authentication with Kerberos in Jupyter notebook

I am using Jupyter Notebook on my Cloudera cluster, need to read data from hdfs. As the cluster is Kerberized so I need to get authenticated with my keytab, I ran the command inside my notebook: kinit -kt keytab principal no problem and I can see…

jupyter-notebook kerberos

asked Aug 13 '18 at 15:31

Choix

vote

1 answer

Klist error: Bad format in credentials cache

I am seeing the following error when inspecting a newly created keytab: [rxie@cedgedev02 ~]$ klist rxie.keytab klist: Bad format in credentials cache (filename: rxie.keytab) [rxie@cedgedev02 ~]$ kinit -kt rxie.keytab kinit: Cannot determine …

kerberos keytab

asked Aug 10 '18 at 17:34

Choix

Prev 1 2 3

…

99 100 Next