kdc | 易学教程

Using Static Library in Xcode 4.6.x i.e. Koamtac iOS SDK Integration

阅读更多关于 Using Static Library in Xcode 4.6.x i.e. Koamtac iOS SDK Integration

问题 Here's a link to the Koamtac iOS SDK that i'm trying to use: Koamtac iOS SDK. It includes a static library along with some sample code. Background I'm working on an iPhone application that requires a batch barcode import functionality, using KDC scanner device. The iPhone application is ARC based, and is built using Standard (armv7, armv7s) architecture. Problem I was able to run the KTDemo application (provided with the SDK). However, I'm having a difficult time setting-up the SDK in my own

Kerberos key Lifetime

阅读更多关于 Kerberos key Lifetime

问题 I have a HTTP service running on my domain. But I have few doubts regarding how the life time for my HTTP service is decided. how long can a client be able to use my HTTP service ? 回答1: A Kerberos ticket has a lifetime (e.g. 10 hours) and a renewable lifetime (e.g. 7 days). As long as the ticket is still valid and is still renewable, you can request a "free" renewal -- no password required --, and the lifetime counter is reset (e.g. 10h to go, again). When creating the ticket, each "lifetime"

Kerberos Service Ticket Lifetime vs clock skew

阅读更多关于 Kerberos Service Ticket Lifetime vs clock skew

问题 Clock Skew : In order to prevent intruders from resetting their system clocks in order to continue to use expired tickets, Kerberos V5 is set up to reject ticket requests from any host whose clock is not within the specified maximum clock skew of the KDC (as specified in the kdc.conf file). The default value for maximum clock skew is 300 seconds, or five minutes link Service Ticket lifetime : Value = 0 here means never expires. Now Say I have a kerberos service ticket that never expires, or

Kerberos SPN gets cached on Windows Servers?

阅读更多关于 Kerberos SPN gets cached on Windows Servers?

问题 Been integrating Kerberos authentication in my SSO project. Came across a peculiar scenario. I made a new user and attached an SPN to it. Followed steps on this question and got everything working. By everything I mean :- kinit username - and then entering password gave me the message that ticket was saved. kinit spn(int the format HTTP/FQDN) - and then entering password gave me the message that ticked was saved. After some time I decided to try this over once again, and so I used the command

KDC has no support for encryption type (14)

阅读更多关于 KDC has no support for encryption type (14)

I'm trying to implement SSO with kerberos using spring-security-kerberos extension. I've created a keytab file and I get the following error when trying to access my webapp: GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed) I tried to test my keytab according to this post . The keytab was created with the following command: ktpass /out http-web.keytab /mapuser testing@MYDOMAIN.COM /princ HTTP/testing@MYDOMAIN.COM /pass myPass /ptype KRB5_NT_PRINCIPAL -crypto RC4-HMAC-NT /kvno 0 My krb5.conf is as follow [libdefaults] default_realm = MYDOMAIN.COM permitted