How do I interact with the kerberos server from my own application
I have a kerberos server on my network for username and password authentication. The machines running my application have kerberos clients running, so users can use kinit, etc.
How can I interact with the server programmatically, from my own applications? The preferred language for the example is C.
I want my application users to authenticate from the keberos server before accessing certain functionality. I expect you will have to ask for their username and password - it may not have been called kinit.
The computers hosting the applications are running OS X and Debian / Linux.
I believe the answer may very well be GSSAPI related. If so, are there any good tutorials for this?
source to share
Sun covers this in their book The Solaris Security Guide for Developers . In particular, you will find Appendix A - Sample C-based GSSAPI Programs and Chapter 5 - Sample GSS-API Client useful .
source to share
GSSAPI is indeed the recommended approach, but the exact details will depend on your language environment and whether you need to interact with Windows. Is your provider kerberos Windows or something else?
On Windows, Kerberos is the native protocol supported by the OS, and many of the Win32 high-level APIs will effectively provide this for you for free. Interfacing with a non-Windows kerberos server is possible, but not trivial.
On UNIX, you might need to install kerberos client support and get this working, but if your network already has a kerberos server, it may have been done for you already.
Windows includes a GSSAPI implementation as does Java, and most UNIX flavors have an implementation. I believe GSSAPI add-ons are available for PHP as well.
If you can add more specific requirements to your requirements, I can confirm this answer a bit.
source to share