[1052] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: inter-realm authentication

daemon@ATHENA.MIT.EDU (Jon A. Rochlis)
Thu Jul 12 23:28:47 1990

From: jon@MIT.EDU (Jon A. Rochlis)
To: alfonso%agena.usc.edu@USC.EDU (Tasha Alfonso)
Cc: alfonso@AGENA.USC.EDU, kerberos@ATHENA.MIT.EDU, cocchi@JERICO.USC.EDU
In-Reply-To: Your message of Thu, 12 Jul 90 18:18:22 -0700.
Date: Thu, 12 Jul 90 21:53:31 EDT

   We get only the first ticket:

   Principal:      root@USC.EDU

     Issued           Expires          Principal
   Jul 12 17:58:11  Jul 13 01:58:11  krbtgt.USC.EDU@USC.EDU

   The kerberos log on USC.EDU reads:

   12-Jul-90 17:57:49 Getting key for USC.EDU
   12-Jul-90 17:58:08 Initial ticket request Host: 128.125.51.1 User:
   "root" ""
   12-Jul-90 17:58:45 APPL Request root.@USC.EDU on 128.125.51.1 for visa.pompei
   12-Jul-90 17:58:45 UNKNOWN "visa" "pompei"

Tasha, 

You should not be seeing the last 2 lines in the USC.EDU logs.  You
should see only see the request for the TGT for USC2.  The USC2 log
should have a request for visa.pompei.

Are you sure that your application is putting USC2.EDU in the service
realm field for the call to krb_sendauth or krb_mk_req (whichever you
use)?  It looks like the application isn't doing that and it's
defaulting to the local realm (USC.EDU).

		-- Jon


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[1052] in Kerberos

Re: inter-realm authentication

daemon@ATHENA.MIT.EDU (Jon A. Rochlis)Thu Jul 12 23:28:47 1990

daemon@ATHENA.MIT.EDU (Jon A. Rochlis)
Thu Jul 12 23:28:47 1990