On Mon, 2006-08-21 at 18:29 -0400, Michael B Allen wrote: > On Mon, 21 Aug 2006 21:48:30 +0200 > Fredrik Tolf <[EMAIL PROTECTED]> wrote: > > > So, I'm wondering, are the messages created by JGSS compatible with the > > ones used by the native MIT API? > > Yes. There have been bugs in Java's Kerberos implementation but I'm not > sure if there is anything outstanding. Otherwise, JGSS should be fully > compatible with MIT, Heimdal, Microsoft, ...
Sorry, I guess I should rephrase myself. I didn't mean to ask whether JGSS is compatible with MIT's, Heimdal's and Microsoft's GSSAPI implementation (because I would find it very weird if it wasn't), but rather whether the messages generated by GSSAPI (whether it be JGSS or MIT's libgssapi_krb5) is compatible with the messages generated by the "native" Krb5 API. That is, if I generate an initial token with the GSSContext.initSecContext method and send it to a server, will the server be able to pass that token directly into krb5_rd_req and having it be understood? I realize that the Kerberos protocol is standardized in an RFC (although I don't remember which RFC right now), but I'm guessing that it's possible that GSSAPI might add some encapsulation data or something that would require pre-parsing, basically. Thanks for your replies, Michael and Seema! Fredrik Tolf ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
