Stack Overflow
Stack Overflow

Questions tagged [kerberos]

Kerberos is a single sign-on (SSO) network authentication protocol designed to allow nodes, communicating over a non-secure network, to prove their identity to one another in a secure manner.

Kerberos is a single sign-on (SSO) network authentication protocol which uses symmetric cryptography and is defined in RFC 4120. Its design is based on usage of a trusted third-party (the key distribution center "KDC") which allows IP hosts to communicate over a non-secure network to prove their identity to one another in a secure manner. The PKINIT extension (RFC 4556) adds support for public-key cryptography.

Kerberos authentication in web browsers and HTTP clients is supported via the SPNEGO mechanism (RFC 4559). In other software, the GSS-API (RFC 4121) interface is commonly used to perform Kerberos authentication.

Kerberos supports one-time password (OTP) tokens for multi-factor authentication (RFC 6560).

See the Wikipedia article for more information.

3522 questions
1
vote
1 answer

Client with multiple Service SPNs, can client be intentionally limited to certain service? kerberos and / or spnego

I have gotten the Active Directory kerberos and SPNEGO configured correctly but it always confuses me that how service SPN can be set up to allow only certain domain users to access certain services. For example,…
Alison Aftra
  • 63
  • 1
  • 9
1
vote
1 answer

SPNEGO authentication with uri module

Using curl I can access HTTP resource on a Web service with Kerberos / SPNEGO this way, after I did a kinit curl -x POST --negotiate -u : http://host.mydomain.net:14000/my/web/resource You can see I just pass -u : without actually passing any user…
Baptiste Mille-Mathias
  • 2,144
  • 4
  • 31
  • 37
1
vote
0 answers

apt-get installing only docs for krb5-config

I am currently setting up my Ubuntu 16.04 VM to use flask-kerberos for authentication. While trying to install it with: pip install flask-kerberos I get a build error: x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes…
Jendrik
  • 206
  • 2
  • 8
1
vote
1 answer

Using parquet-tools with Kerberos CDH

I am trying to discover a schema from a parquet file. I tried to use the code: parquet-tools schema hdfs://:8020///.parquet But I got the error: SIMPLE authentication is not enabled. Available:[TOKEN,…
bkemmer
  • 400
  • 1
  • 2
  • 9
1
vote
1 answer

No krb5.keytab file on Linux (SLES) Machine

I'm trying to implement single sign on for our SAP System. On the first 3 machines I've got no problems. But now things seems a little bit different: If I try to write my host keytab file into the krb5.keytab via ktutil an error occures: No such…
The_Lord
  • 83
  • 2
  • 5
1
vote
0 answers

Kerberos parameter in sparklyr livy protocol

I want to connect with a domain joined HDInsight cluster in Azure from a domain joined VM. Unfortunately, I don't know how to make sure that sparklyr starts a session with Kerberos authentication. sc <- sparklyr::spark_connect(master =…
JanBennk
  • 277
  • 7
  • 16
1
vote
0 answers

Kerberos Authentication in OSI PI in Java

I am newbie in terms of Kerberos Authentication. I am able to login into access the API urls directly from browser by providing username and password.I check in Event Viewer by enabling debug logs and it gave me following output: [PIWebAPI]…
Arshanvit
  • 417
  • 1
  • 7
  • 28
1
vote
0 answers

How to connect to SQL Server with JDBC connection from sparklyr with kerberos authentication?

I am having trouble accessing my SQL Server database using Kerberos with a JDBC connection. Note I'm running Linux with Spark version 2.2.0. I am not specifying anything related to kerberos tickets in my spark_connect, as I've heard rstudio server…
Zafar
  • 1,897
  • 15
  • 33
1
vote
0 answers

mongodb sasl unable to find a callback 32775

I installed a MongoDB server 4.0 Enterprise Edition on a Windows Server 2012 R2 and configured kerberos authentication following the official documentation…
Stéphane Goarzin
  • 11
  • 1
1
vote
0 answers

Kerberos Support for FileNet .Net client hosted on IIS

We have .NET applications which are integrated with FileNet and connect to custom FileNet application hosted on IIS which retrieves documents. We ahve requirement to pass pass user credentials from .Net apps connection to FileNet. However, we dont…
amitbvsb
  • 29
  • 4
1
vote
1 answer

Nginx as load balancer for application using Kerberos

I'm currently using nginx as a load balancer for a tomcat app thats located on two different servers. That app uses NTLM for authentication and nginx is working perfectly fine (valid users are automatically logged in when calling the nginx…
alexmm
  • 99
  • 1
  • 13
1
vote
2 answers

Connection to Hive using python and Kerberos

I'm trying to connect to hive using Python. I installed all of the dependencies required (sasl, thrift_sasl, etc..) Here is how I try to connect: configuration = {"hive.server2.authentication.kerberos.principal" : "hive/_HOST@REALM_HOST",…
cfrapper
  • 55
  • 1
  • 9
1
vote
1 answer

Setting path of krb5.conf in Tomcat Application

We have a Java Web Application, which used Hadoop cluster for storage. The cluster is kerberos enabled. By default, our application reads the krb5.conf file from /etc folder. We want that the krb5.conf file to be read from user specific…
Pranav
  • 363
  • 8
  • 19
1
vote
1 answer

HTTP/Spnego with Kerberos authentication for Finatra web server

I try to use Spnego with Finatra web server but I don't succeed. Here my GitHub project: https://github.com/glegoux/spnego-server-finatra With wireshark: error: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN. My server log: ... Debug is true storeKey true…
glegoux
  • 3,505
  • 15
  • 32
1
vote
1 answer

Camel-Kafka security protocol SASL_PLAINTEXT not supported

I need to route ActiveMQ messages to Kafka(Cloudera) using Camel using authentication protocol Kerberos. ActiveMQ v5.15.4 Camel:2.21.1 Kafka Clients: 1.1.0 Server Version: Apache/2.4.6(CentOS) Kafka Security documentation states that it only…
macuzil
  • 41
  • 4
1 2 3
99 100