gss_accept_sec_context failing after getting service ticket using service name and password
Gaurav Gaba
gauravg77 at gmail.com
Fri May 26 02:14:24 EDT 2006
Hi,
I am trying to get service ticket using service name and password.
I have been successful in doing so. The steps that I have followed are:
krb5_get_init_creds_password() to obtain a tgt,
then krb5_cc_default(),
then krb5_cc_initialize(),
and krb5_cc_store_cred() to store the tgt in the cache.
After this I have obtained a service ticket for ldap service using
krb5_get_credentials().
So far this is easy. :-)
Now, I want to do accept context by invoking gss_accept_sec_context() but it
requires the credentials
in gss_cred_id_t form whereas krb5_get_credentials() returns creds in
krb5_creds form. Is there a way
to convert from krb5_creds to gss_cred_id_t?
I also tried explicitly storing the service ticket in default credentials
cache using krb5_cc_store_cred()
and then making the call to gss_accept_sec_context() with
acceptor_cred_handle as GSS_C_NO_CREDENTIAL so that
it picks up default credentials but gss_accept_sec_context() call fails.
Thanks in advance.
- Gaurav G.
More information about the krbdev
mailing list