Questions tagged [gssapi]

GSS-API is an IETF standard that addresses the problem of many similar but incompatible security services in use today.

Generic Security Service Application Program Interface (gssapi) provides vendor-neutral authentication services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments.

Commonly-used negotiation mechanisms include kerberos and ntlm during spnego transactions between client and server.

GSSAPI is defined in RFC 2743.

274 questions

votes

0 answers

How to use gssapi kerberos in c / c++ client server cross-platform programs?

I had to "sporadically" work with Heimdal / MIT Gssapi for kerberos authentication over past couple of years. I had to build an application that was to be used as a web-service running on a Linux box, and serve client applications like browsers,…

c++ c linux kerberos gssapi

asked Jan 13 '14 at 11:11

mdk

6,225
1
25
30

votes

2 answers

Secure this invaluable documentation on using C/C++ with GSSAPI and SASL

I have been working on using GSSAPI in c/c++ applications, for some time now. Obviously I had to google and research a lot. One of the most interesting documentation I discovered was on Sun's old web-site. After Oracle took over Sun, the old…

c++ c kerberos sasl gssapi

asked May 03 '12 at 12:30

mdk

6,225
1
25
30

votes

2 answers

Windows authentication in linux docker container

i am trying to use windows authentication in linux docker container under kubernetes. I am following this settings: https://learn.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-3.1&tabs=visual-studio#kestrel App…

kerberos windows-authentication gssapi http-negotiate gss

asked Feb 19 '20 at 08:50

Scholtz

2,878
2
23
23

votes

2 answers

Skipping Kerberos authentication prompts with JSch

I am using the Connect() method in the Ssh Java class below in order to connect to a server using SSH (JSch) and running a command in the server. The problem is that when running Connect() the server prompts the next messages: Kerberos username…

java ssh kerberos jsch gssapi

asked Apr 16 '15 at 08:36

Haritz

1,702
7
31
50

votes

3 answers

How to install GSSAPI Python module?

I am trying to install the GSSAPI module through pip but I receive this error that I don't know how to resolve. Could not find main GSSAPI shared library. Please try setting GSSAPI_MAIN_LIB yourself or setting ENABLE_SUPPORT_DETECTION to 'false' I…

python installation ldap python-2.6 gssapi

asked Jun 17 '15 at 15:44

G3tinmybelly

1,777
2
15
18

votes

3 answers

"GSSException Defective token detected" - when trying to Authenticate to Tomcat running on Windows using Kerberos

I am struggling to authenticate to a Java web container (I've tried both Tomcat and Jetty) when running on Windows 2012. Every time I try the Negotiate auth scheme I get an error: org.ietf.jgss.GSSException: Defective token detected (Mechanism…

java windows active-directory kerberos gssapi

asked Nov 10 '17 at 16:31

Nicholas DiPiazza

10,029
11
83
152

votes

4 answers

How do people make Java SPNEGO client work in Windows?

In order to do client-side HTTP SPNEGO authentication with Java on Windows you need to set the Windows Registry key allowtgtsessionkey. This is well documented. What I do not understand is how people get around this? Most corporate sites would…

java spnego gssapi sspi negotiate

asked Jan 28 '13 at 05:45

peterh

18,404
12
87
115

votes

3 answers

ldap_sasl_bind_s(GSSAPI) - What should be provided in the credentials BERVAL structure

I'm trying to use the ldap_sasl_bind_s method from the Microsoft LDAP C SDK, with GSSAPI as the authentication mechanism. ldap_sasl_bind_s expects the credentials as a BERVAL structure, which is opaque. Given a username (or a DN) and a password,…

ldap sasl gssapi

asked Jun 29 '10 at 21:30

Catalina Iacob

votes

3 answers

Using GSSManager to validate a Kerberos ticket

I have the following code: public static void main(String args[]){ try { //String ticket = "Negotiate YIGCBg...=="; //byte[] kerberosTicket = ticket.getBytes(); byte[] kerberosTicket = Base64.decode("YIGCBg...=="); …

java kerberos gssapi

asked Aug 13 '14 at 14:44

Josh C.

4,303
5
30
51

votes

3 answers

Java Authentication against Active Directory, authentication mismatch?

So I have some code which I'm testing to make sure it works nicely for authentication. It works fine against straight kerberos, so I figured there should only be some minor hiccups with AD. Unfortunately, I cannot get around a KrbException: KDC has…

java active-directory kerberos gssapi

asked Nov 28 '12 at 00:15

ohshazbot

votes

3 answers

How to install gssapi python module on windows?

I am currently trying to get the gssapi module for python to run on windows. My goal is to authenticate with an Active Directory using python module ldap3. gssapi is an requirement for this to work. However, installation fails because it cannot find…

python windows installation kerberos gssapi

asked Sep 22 '15 at 07:01

Oliver Gerlach

votes

2 answers

Java Kerberos authentication seems to work, still gets rejected

I've got a Java client app and a Java server app, and I'm trying to authenticate to the server via Kerberos. The client basically uses http-components and SPNEGO to make a HTTP GET call, but I always get 401 Unauthorized as a result. I can not spot…

java kerberos spnego gssapi

asked Jul 05 '11 at 16:29

Michael Böckling

7,341
6
55
76

votes

1 answer

Server ldap/example.com@EXAMPLE.COM not found in Kerberos database

Edit : Issue finally solved. The detail can be found in the troubleshooting part at the end of this message. I leave the detailed steps here in case it could help somebody. Setup OpenLDAP I - Create the server The documentation are often outdated…

ldap kerberos openldap gentoo gssapi

asked Aug 08 '17 at 10:38

Wargtek

votes

2 answers

Single sign-on in Java / VNC

Background On the project I work on we have GUI applications running on several different servers. Due to their user interface similarities I am investigating combining their OMIs into a single unified interface. Currently these applications are all…

java kerberos single-sign-on vnc gssapi

asked Jan 21 '11 at 19:17

John Kugelman

349,597
67
533
578

votes

1 answer

Kerberos/SASSL/OpenLDAP : GSSAPI Error: Unspecified GSS failure. Minor code may provide more information ()

I'm setting up openLDAP with SASL authentification with kerberos. I got problem with this auth. First, I get the kerberos ticket with kinit. When I make a klist, the ticket is displayed. So, no problem. But when I try to make ldapwhoami. I got an…

ldap kerberos openldap sasl gssapi

asked May 29 '14 at 14:43

Voulzy

1,157
3
10
11

2 3

…

18 19 Next