[38183] in Kerberos
Different realms
daemon@ATHENA.MIT.EDU (Imanuel Greenfeld)
Sun Jan 21 15:22:40 2018
From: "Imanuel Greenfeld" <imanuel.greenfeld1@ntlworld.com>
To: <kerberos@mit.edu>
Date: Sun, 21 Jan 2018 19:12:04 -0000
Message-ID: <002401d392eb$bc0a5540$341effc0$@ntlworld.com>
MIME-Version: 1.0
Content-Language: en-gb
Cc: "'Simo Sorce'" <simo@redhat.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hello
I have 2 domains which there is no trust between them.
I'm running a process on Domain 1. This needs to submit HTTP rest request
to Domain 2 which the KDC is also on the same domain (i.e. domain 2).
I have keytab (for the service account on Domain 2) and kerb5.conf with the
details of the two realms.
I found a way to incorporate the keytab into the HTTP request in Java but
not in C/C++.
I know there are functions such as krb5_get_init_creds_keytab but I do not
know how to achieve the same in C/C++ (as I did in Java). So when I have
the keytab, how do I incorporate this to the HTTP header ?
My colleagues suggested send the JSON message to a Java process and let that
one request a token from the KDC and do the Kerberos Authentication and
Authorization.
Can you please advise if there is a nicer way to do so ?
Many thanks
Imanuel.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
