How to get Kerberos token for proxy authentication
Ken Hornstein
kenh at cmf.nrl.navy.mil
Thu Mar 21 11:49:54 EDT 2024
>Are you familiar with https://github.com/jcmturner/gokrb5? I've used it
>in the past with some experiments in some Go code I was working on, I
>wasn't touching GSSAPI but there's at least some GSSAPI code in there.
>Might be worth checking out as it's native Go code, no cgo wrapping.
I would caution you that if you are targeting MacOS X as a platform, one
of the most important things is integration with the native credential
cache format (especially if you are assuming your credentials are being
acquired as part of the single signon process). On MacOS X the default
credential cache uses a RPC mechanism to talk to a daemon process (and
that has actually changed to a DIFFERENT RPC service in more recent
versions of MacOS X). My brief look at gokrb5 suggests that it only
supports the FILE credential cache type.
--Ken
More information about the Kerberos
mailing list