How to acquire a ticket from TGT
Ziangi Jones
ziangij at gmail.com
Fri Mar 3 03:47:18 EST 2006
Hi,
I have a destop application and have to implement single sign-on for it.
*To implement the above mammoth task, I m doing the following:*
(I m using sample code SSPI from microsoft sdk as my base)
1. Created a service (on say, machine 1) which continuously listens
for client connections.
2. Created a dll which calls this service.
3. Before launching my application, dll contacts the service and if
the credentials of the user are correct (i.e. if the user exists in
active directory), launch the application. (both dll & application are on
machine 2.)
4. If the credentials are correct, then using kerbtray i find that i
have got ticket bearing the user name through which i had tried to connect
to the service.
Basically, i m doing authentication EVERYTIME i try to launch the
application which defeats the whole purpose of kerberos. somebody told me
that i should use ticket instead, i.e. i will have to acquire a ticket of
the service from TGT.
Please let me know how to go about it.
Thank you.
More information about the Kerberos
mailing list