Different realms

Imanuel Greenfeld imanuel.greenfeld1 at ntlworld.com
Sun Jan 21 14:12:04 EST 2018


Hello

 

I have 2 domains which there is no trust between them.

 

I'm running a process on Domain 1.  This needs to submit HTTP rest request
to Domain 2 which the KDC is also on the same domain (i.e. domain 2).

 

I have keytab (for the service account on Domain 2) and kerb5.conf with the
details of the two realms.

 

I found a way to incorporate the keytab into the HTTP request in Java but
not in C/C++.

 

I know there are functions such as krb5_get_init_creds_keytab but I do  not
know how to achieve the same in C/C++ (as I did in Java).  So when I have
the keytab, how do I incorporate this to the HTTP header ?

 

My colleagues suggested send the JSON message to a Java process and let that
one request a token from the KDC and do the Kerberos Authentication and
Authorization.

 

Can you please advise if there is a nicer way to do so ?

 

Many thanks

 

Imanuel.

 



More information about the Kerberos mailing list