Hello,
I'm attempting to use http://www.stonesoup.org/javak to build an
application that can use kerberos v4 telnet authentication. However,
despite a week of reading documents and source, I'm still new to all
of this and having difficulties. My general procedure:
1. Create and send an AS request to the KDC server with client of
user@REALM and server using the same REALM.
2. Receive reply and obtain initial credentials using password as
key.
3. Create and send a TGS request to the same KDC server with the
initial credentials, client user@REALM and server rcmd.addr@REALM
4. Receive reply and obtain credentials (krbtgt.REALM@REALM)
5. Use credentials with telnet authentication.
First, am I using the correct client name (username), instance (empty)
and realm (DOMAIN.EXT capitalized) and server name ("rcmd"), instance
(sub-domain), and realm (DOMAIN.EXT capitalized, same as client
realm)?
Second, I am receiving an error 'clockskew too big' (RD_AP_TIME) from
the reply from the TGS. When I look at the timestamp on the initial
credentials obtained from the AS, they are within seconds of my own
clock. Any ideas why I might be receiving this error, how I can debug
it further (anyone running a test server that I can try to communicate
with?), or any other advice?
Thanks,
-Brett
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
http://mailman.mit.edu/mailman/listinfo/kerberos
