Hi Kiran, Thanks for your help. I understand that KdcConnection->getTgt() can be called to request a TGT ticket with specified principal and password. My question is how to store the result TGT ticket in File Credential Cache (FCC) like kinit does. I would clarify that it's not to store the password of a principal to a file as keytab does. Thanks.
Regards, Kai From: [email protected] [mailto:[email protected]] On Behalf Of Kiran Ayyagari Sent: Monday, August 19, 2013 6:10 PM To: Apache Directory Developers List Subject: Re: [ApacheDS] File credentials cache for Kerberos ApacheDS comes with a kerberos client see[1] and you can make use of Keytab class[2] to write TGTs to a file. HTH [1] http://svn.apache.org/repos/asf/directory/apacheds/trunk/kerberos-client [2] http://svn.apache.org/repos/asf/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/server/kerberos/shared/keytab/ On Mon, Aug 19, 2013 at 2:52 PM, Zheng, Kai <[email protected]<mailto:[email protected]>> wrote: Hi all, I'm new to ApacheDS, and know that it provides a KDC, which is very useful for Kerberos related automation tests. I'm looking for some feature or codes to cache TGT in file in compatible format with krb5 FCC . The cached TGT as credentials can be loaded from the file cache by other tools or libraries like Krb5LoginModule (a JAAS module bundled in JRE) and then used to do login or whatever. After some investigation, I realized it may need development effort. Before I dive into this, could you please confirm I'm not missing something? I'm wondering if ApacheDS would come up kinit like tools for itself, if so then credentials cache for TGT would be a good starting, and I'd like to contribute when get more inputs. Thanks & regards, Kai -- Kiran Ayyagari http://keydap.com
