[39391] in Kerberos
Re: How to get Kerberos token for proxy authentication
daemon@ATHENA.MIT.EDU (Ken Hornstein via Kerberos)
Sun Mar 17 20:13:00 2024
Message-Id: <202403180011.42I0Bfq8004419@hedwig.cmf.nrl.navy.mil>
To: manju k <m_a_n_j_u_s_k@yahoo.com>
cc: "kerberos@mit.edu" <kerberos@mit.edu>
In-Reply-To: <1182031369.5745575.1710653866918@mail.yahoo.com>
MIME-Version: 1.0
Date: Sun, 17 Mar 2024 20:11:40 -0400
From: Ken Hornstein via Kerberos <kerberos@mit.edu>
Reply-To: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
>Hi, I have a requirement to authenticate my application
>(Golang) against a proxy server which requires Kerberos
>authentication. I have achieved this on Windows using
>github/alexbrainman/sspi Golang package.From that package I
>basically call negotiate.AcquireCurrentUserCredentials() and
>negotiate.NewClientContext() to get the client token which gets passed
>to the proxy server in Proxy-Authorization header. I want to achieve
>the same on macOS and looking for suitable libraries. Can I use MIT
>Kerberos library for this purpose ?what are the APIs equivalent to get
>client token without prompting the user for password ? The user would
>have acquired Kerberos ticket on sign-in as a domain user.
I believe you would want to use the GSSAPI for this. If your header
looks like:
Proxy-Authorization: Negotiate <base64 encoded data>
Then definitely you want to use that. You could use libcurl as example
code if you wanted to see what this would look like.
--Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
