Client development for HTTP Negotiate
Arpit Srivastava
arpit.orb at gmail.com
Thu Feb 28 00:41:17 EST 2013
Hi.
I am developing a client that used Kerberos GSS API authentication using
IETF interface.
Every time, the client application is doing HTTP GET, it requires a new
output token (which is obtained after doing initSecContext).
Now, assuming IETF framework, I have to do createName (gssImportName),
createContext (in which context parameters such as Oid, lifetime etc are
being set) and then do context.dispose (in which buffers are being released
etc) everytime to fetch a new output token to be sent as negotiate header
with HTTP request.
I have to do all this everytime, because once context is established,
initSecContext is throwing exception that "Context is already fully
established". and so I have to dispose this context and create a new one.
All these api calls are taking a lot of time and making whole application
very slow and causing code redundancy.
Please guide me
1. if I am following the right approach of
createContext->initSecContext->disposeContext for every HTTP request client
will make. (same token can not be used in every HTTP request, that gives an
error)
2. If not, let me know what I shall do to use the same fully established
context to generate new tokens.
Looking forward for your response.
Regards,
Arpit
More information about the krbdev
mailing list