[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: how to achieve what kinit does programmatically?

To: hotz@jpl.nasa.gov
Subject: Re: how to achieve what kinit does programmatically?
From: Luke Howard <lukeh@PADL.COM>
Date: Fri, 30 May 2003 09:42:20 +1000
Cc: Kent_Wu@trendmicro.com, heimdal-discuss@sics.se
Organization: PADL Software Pty Ltd
References: <7DE4EF03D8D61B44B927E4A059B2644C3489B3@65-200-113-18.trendmicro.com> <p05111721bafc3a41846f@[137.78.212.225]>
Reply-To: lukeh@PADL.COM
Sender: owner-heimdal-discuss@sics.se
Versions: dmail (bsd44) 2.4c/makemail 2.9d


>Now is it accurate?  I do know that it documents a 
>get-tgt-with-password type function that exists, but is different 
>from the function actually used by either NetBSD/Heimdal kinit or MIT 
>kinit (which are different from each other as well).  In other words 
>just because MIT has more documentation than Heimdal doesn't mean 
>it's better. |-(

For Heimdal, see krb5_get_init_creds_password(). Or just use PAM
and pam_krb5.

>I also looked at the GSSAPI documentation from Sun and it appears 
>that that API assumes you already have a tgt (unless you're a 
>server).  I think SASL wraps GSSAPI so that wouldn't solve the 
>problem either.

GSS-API does not deal with acquiring initial credentials.

-- Luke

--
Luke Howard | PADL Software Pty Ltd | www.padl.com

References:
- how to achieve what kinit does programmatically?
  - From: Kent_Wu@trendmicro.com
- Re: how to achieve what kinit does programmatically?
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>

Prev by Date: Re: couple socket-connection questions
Next by Date: Re: couple socket-connection questions
Prev by thread: Re: how to achieve what kinit does programmatically?
Next by thread: Re: how to achieve what kinit does programmatically?
Index(es):
- Date
- Thread