Iterate over server credentials

Dylan Klomparens dylan.klomparens at gmail.com
Wed Mar 22 15:48:21 EDT 2017


Hello,

I'm writing a program that accepts Kerberos authentication using the
GSSAPI. The program acquires credentials using gss_acquire_cred_from() with
a keytab specified, and this is working properly. The keytab has multiple
principals stored in it. I want to output all the principals that were
acquired, so I tried to use gss_inquire_cred() to find out and
gss_display_name() to print them. This allows me to output the first
principal in the keytab, but only the first one. Is there a way to output
all of them? How can I iterate through all the principals acquired from a
single keytab and output their names?

Once I accept a security context, the program is authenticating correctly,
so it stands to reason that I'm legitimately acquiring multiple credentials
from the same keytab.

(Please forgive any mixups in terminology I may have made, I'm not fully
versed in the Kerberos vocabulary.)

Thanks,
-- Dylan Klomparens


More information about the Kerberos mailing list