Is it required to use GSSAPI code for the Kerberos Server Auth?
Jeffrey Altman
jaltman2 at nyc.rr.com
Tue Mar 21 09:43:30 EST 2006
SMTP Authentication is specified by RFC 2554.
ftp://ftp.rfc-editor.org/in-notes/rfc2554.txt
This RFC specifies the use of SASL (RFC 2222)
ftp://ftp.rfc-editor.org/in-notes/rfc2554.txt
To use Kerberos with SASL you would utilize a
SASL GSS-Krb5 mechanism.
You might want to look at the Cyrus SASL
implementation:
http://asg.web.cmu.edu/sasl/
Jeffrey Altman
Surendra Babu A wrote:
> Hi Team,
>
> Could you please let me know your thoughts on the below mentioned issue.
>
> Point #1
> ----------
> I am working on SA (Server Authentication) feature of Kerberos.
> - Is it required to port GSSAPI code for this feature of SA?
> - If so, where should I use this mechansim in kerberos client code? That
> means, between TGS_REP and AP_REQ?
> - What is the exact procedure to use the GSSAPI code?
>
> I am using MIT code and Linux Serevr (sendmail server, SMTP as the
> Application server, ie I need to do server authenticatio for that SMTP
> server.
>
> POINT#2:
> ----------
> I tried by sending AP_REQ to SMTP server successfuly but I could not
> recevice the AP_REP successfuly. I think AP_REQ packet is not properly
> understood by SMTP server since I have not been using the GSSAPI code in my
> implementation. So should I port the GSSAPI code in to my code base and do
> SA??
>
> Could you please throw some light on the same?
>
> Thank you,
> -Surendra
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list