[30221] in Kerberos
user name in ticket
daemon@ATHENA.MIT.EDU (yuval)
Sun Aug 17 03:26:59 2008
From: "yuval" <yabadi@checkpoint.com>
To: <kerberos@mit.edu>
Date: Sun, 17 Aug 2008 10:26:55 +0300
Message-ID: <003201c9003a$a0c22130$7b2e1dc2@ad.checkpoint.com>
MIME-Version: 1.0
In-Reply-To: <a64bf030807290318k620503fcha2afc7911132e33d@mail.gmail.com>
Reply-To: yabadi@checkpoint.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi All
I have AD environment with IE and apache web server.
The web server configure (web server have AD user with keytab) to required
IE clients to be authenticate.
The client sends to the web server krb ticket. This ticket includes the
client name.
According to RFC4120 section 5.3 it should have.
My question is: what is the source of the name? It is taken from the TGT,
when the user logged on to AD? Or it taken from the user name in request
from AD for this specific ticket (The client sends it name in clear with the
request)?
Regards
Yuval
Abadi
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
