[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: how to achieve what kinit does programmatically?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Kent_Wu@trendmicro.com writes:

> I looked at the krb pam package but it looks like the function there
> would still prompt for user's passwd before it can get the TGT. The goal
> I want to achieve here is to do it without the prompt since I can get the
> user/passwd pair beforehand(thru proxy authorization maybe).

If you just want to verify the principal/password pair, the heimdal
specific krb5_verify_user might easier to use.

> So can krb5_get_init_creds_password() do the job without interaction?
> I've downloaded the MIT Kerberos package however it seems it doesn't have
> good documentation though. Does Heimdal provide better documentation?

I've commited update documentation yestoday, so next (major) release will
have better documentation on get krb5_get_in function.

Love

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (NetBSD)

iQIVAwUBPtyf2hZyDLTSep3UAQIldg//e6d3oUcsh54nKufm2KRebX2vsZ/vBPK9
39BpMuB2A+qEWaX6DdyrNBrb0bTnnxT2WNGRtcUGYo0DMcjEeYTkazFkaxI5SrjF
v2yTJ6CPAYrp4B0RqhHYWaCqHSJqhtlOgcHTVUWYumnm/a9YSfUsh6UVzrQzuFn7
TPhg6Bq2bl3yNkehwXPiMeBh1wGKp2oyU9o/ujD5oDs8rOcUmwnRJC7od3el87KS
dseaHC+Qjo5dtvoGP5lLypYHrisXDNfabYcejbkBPAPeNh0ypdg1FivXtt3raRiz
UBQbA+xjFZxD/jRSykc8W5G/7l97CMn51aRTbo20rruCP3ME8zcOVrxJ43ZKdygi
3wlS1GuiBrW+3Eb4rSGFdvfXlmXiCjz7UhjXgSi0Tj39i6Gpwq8aAG5kXjhs9QJL
Eep2zW+z5RuCR0U2WmKCQeIK3vpbIMJZ0EvMimOqNSH/yZhLs4TjPGEtOILmr5kk
XLebkLwF+GQQb1OjIj28GwETRw2zeTXw3KVJbhas/zelmlap3mvMV9O00IsOx5iG
hab+OVQ9Q1xaqBTgaGhl/68rg+W2MTyq8iI/xKjeusq8SNTNwrOYYm4HHMr8naKN
UPpwfmuYnvaOxSFt4Yn0nPYe8I0SJDUr7mnsqkWabtBi3SFtadgBOxI5Gc3sCc3t
ODl9RFsIDMg=
=30i1
-----END PGP SIGNATURE-----