Using GSSAPI to talk to a Windows SSPI server.
Kevin Burton
rkevinburton at charter.net
Tue Jan 13 09:54:07 EST 2004
I am using the SSPI workbench (Keith Brown) in "server" mode listening at
port 4242. I am using the MIT distribution of Kerberos and compiled the
source for Windows. There is a program in that distribution called gss. This
program has a single text box entry of the form
machine port principal
I enter
localhost 4242 kburton at ppc.com
The program 'gss' seems to get through the gss_import_name without error,
but in gss_init_sec_context I get two errors resulting from the min_stat and
maj_stat return codes. The first is 'GSS_API error initializing context:
Miscellaneous failure'. The second is 'GSS-API error initializing context:
No credentials cache found'. My question is, how do I establish a credential
cache? The routine kinit indicates that it could not find the KDC. The
application klist also indicates that there is no credential cache. What
configuration step did I miss? This is for a Windows platform. I am mainly
doing this as a proof of concept as the final 'client' will reside on a
non-Windows platform (probably Linux) and will use Kerberos GSSAPI to log
into a Windows server using SSPI on the Windows server.
Thank you for your help.
Kevin Burton
rkevinburton at charter.net
kburton at visa.com
More information about the Kerberos
mailing list