Perl question
Digant C Kasundra
digant at uta.edu
Thu Sep 22 12:36:38 EDT 2005
Hello folks,
I'm trying to find a way to authenticate a username and password pair
regardless of whether the password is expired or not. When using
Authen::Krb5, if an accounts pw is expired, regardless of the password I
use to try to get a ticket, it will give me the error that the password
is expired. How can I verify the username and password?
my $kprinc = Authen::Krb5::parse_name( $uid );
my $kservprinc = Authen::Krb5::sname_to_principal(
$KRB5_REALM,
'krbtgt',
'NT_SRV_HST'
);
my $kcc = Authen::Krb5::cc_default();
$kcc->initialize( $kservprinc );
my $kerror = Authen::Krb5::get_in_tkt_with_password(
$kprinc,
$kservprinc,
$pw,
$kcc
);
#1 means successful authentication, undef otherwise.
if ($kerror eq 1) {
return $ACCEPT;
}
else {
my $errorcode = Authen::Krb5::error();
write_to_log( $eventid, "Kerberos returned error $errorcode: "
. Authen::Krb5::error( $errorcode ) );
}
More information about the Kerberos
mailing list