SSO Application needs username from GSSName (or GSSAPI)
amit
amitsggs at gmail.com
Tue Aug 5 07:55:33 EDT 2014
Thank you Simo & Nico,
Simo, Nico is right about my application.
Please have a look at the following link which talks about realm name in
kerberos.
It says that you can have anything as a realm name but when it comes to
follow the conventions, realm name should be a domain name in capital
letters.
http://web.mit.edu/kerberos/krb5-devel/doc/admin/realm_config.html
So, assuming that customers will always follow the conventions of kerberos
and will keep the realm name as a capital letter of domain name.
Again, following link talks about what restrictions domain name have.
https://www.register.com/policy/domain-extension-rules.rcmx
So, it looks like domain name can never have '@' sign in it (which intern
says that realm name will never have the '@' sign in it).
Cropping the GSSName string with its last index of '@' will give me the
username.
Please let me know if I am mistaken somewhere.
--
View this message in context: http://kerberos.996246.n3.nabble.com/SSO-Application-needs-username-from-GSSName-or-GSSAPI-tp41081p41184.html
Sent from the Kerberos - Dev mailing list archive at Nabble.com.
More information about the krbdev
mailing list