Different realms
Imanuel Greenfeld
imanuel.greenfeld1 at ntlworld.com
Sun Jan 21 14:12:04 EST 2018
Hello
I have 2 domains which there is no trust between them.
I'm running a process on Domain 1. This needs to submit HTTP rest request
to Domain 2 which the KDC is also on the same domain (i.e. domain 2).
I have keytab (for the service account on Domain 2) and kerb5.conf with the
details of the two realms.
I found a way to incorporate the keytab into the HTTP request in Java but
not in C/C++.
I know there are functions such as krb5_get_init_creds_keytab but I do not
know how to achieve the same in C/C++ (as I did in Java). So when I have
the keytab, how do I incorporate this to the HTTP header ?
My colleagues suggested send the JSON message to a Java process and let that
one request a token from the KDC and do the Kerberos Authentication and
Authorization.
Can you please advise if there is a nicer way to do so ?
Many thanks
Imanuel.
More information about the Kerberos
mailing list