Different realms
Robbie Harwood
rharwood at redhat.com
Sun Jan 28 07:41:02 EST 2018
"Imanuel Greenfeld" <imanuel.greenfeld1 at ntlworld.com> writes:
> public void doWithKeytabFile() {
> KerberosRestTemplate restTemplate =
> new KerberosRestTemplate("/tmp/user2.keytab",
> "user2 at EXAMPLE.ORG");
> restTemplate.getForObject("http://neo.example.org:8080/hello",
> String.class);
> }
>
> As you can see the HTTP request just has one "endpoint" so the keytab needs
> to be part of it.
>
> But in C++ I cannot find a way how to achieve the same - in other words,
> once I have the keytab in the code, and I separately build the HTTP request,
> how do I incorporate that keytab to that HTTP request ?
The keytab isn't part of the request. The *credential*, which is
derived from the keytab, is part of the request.
> I can only change the client code - the server code is not available to me.
>
> Once again, I'm trying to find C/C++ good example.
You'll most likely need to write it yourself, which is why I linked you
the requests-gssapi version. I'm not sure anyone's done the client side
of this from C, other than curl [1]. I don't find that easier to read
than the python, but I'm of course biased.
Thanks,
--Robbie
1: https://github.com/curl/curl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20180128/5e4bcfed/attachment.bin
More information about the Kerberos
mailing list