[223] in Info-AFS_Redistribution
MIT vs. AFS Kerberos (for POP)
daemon@ATHENA.MIT.EDU (James Ault)
Fri Jul 19 13:02:39 1991
To: Paul Traina <pst@stanford.edu>
In-Reply-To: Your message of
Cc: info-afs@transarc.com
Date: Fri, 19 Jul 91 12:02:25 -0400
From: James Ault <ault@rpi.edu>
> I don't think I'm giving away any of Transarc's greatest secrets when
> I demostrate (in this code) how to call either of those routines. With
> this info, you should be able to transarcify any login-type program.
Paul, you sent a message about modifying XDM to use the AFS kerberos
libraries, and gave some code that used ka_UserAuthenticate a few
weeks ago. That message was very instructive.
However, now I am trying to modify MH (specifically POP) to use the
AFS kerberos libraries. I have some code that uses MIT kerberos, but
it seems that I will need to modify that to use the AFS library calls
instead of krb_sendauth and krb_recvauth.
1) Is it possible to link with athena Kerberos libraries and have
those programs talk to AFS kerberos servers?
2) If the answer to #1 is No, and I have to modify the code to use AFS
library calls, how should I go about it?
I want the local program to receive the token/ticket from a file in
/tmp (because we use the -tmp option on klog), and then it must
authenticate to the POP server (which is not an AFS server at all).
Most of the examples I have seen have been point-to-point. A client
authenticates to the AFS server, and that's it.
This example is a triangle:
1) a client with an AFS token
2) a POP server (which may not even be running AFS)
3) the AFS kerberos server.
Any help you can give would be most appreciated.
Jim Ault, ITS Systems Programmer, ault@rpi.edu, +1 518 276 2750
