Please assist. See below.
-----Original Message----- From: Tom Yu [mailto:t...@mit.edu] Sent: Wednesday, October 07, 2015 2:31 PM To: Binder, Dale Subject: Re: Documentation__GSSAPI mechanism interface Hi Dale, You have sent mail to a bug-reporting address. It seems that you aren't reporting a specific bug. For the sort of question that you're asking, I suggest using the kerberos@mit.edu mailing list, which is a community-based support resource. Thanks, -Tom "Binder, Dale" <dale.bin...@bankofamerica.com> writes: > I need support using MIT's Kerberos implementation with a C# .net web client > (VS 2013). MS Premier Support says it's not doable unless I have some .NET > implementation that calls the GSSAPI directly. > > See below: > > > From: Frank Kim [mailto:frank....@microsoft.com] > Sent: Monday, October 05, 2015 7:36 PM > To: Binder, Dale > Cc: MSSolve Case Email; Jeff Lambert > Subject: [REG:115100513230017] how to create Kerberos token by using a local > KDC C:\Users\nbkvw7l\KerberosCacheFile\krb5cache server. > > Hi Dale, > > It was a pleasure speaking with you on the phone today in regards to your > issue with MIT Kerberos. > > The key issue here is that SSPI which is internally used by IE and .NET only > recognizes Windows Kerberos Tickets. It doesn't know anything about MIT > Kerberos tickets. In order to interface with these tickets, you have to use > the GSS APIs. An example of a product using these APIs is Firefox. As you > have mentioned if you set Network.auth.use-sspi to FALSE > (http://kb.mozillazine.org/Network.auth.use-sspi ), it tells Firefox to use > the GSS APIs instead of SSPI. > > Your only options is to find a .NET class which uses the GSS APIs and > implements the same classes as the Web Client classes or you would need to > directly call the GSS APIs yourself via pinvoke to interface with the web > server directly and build the HTTP packets yourself. > > Please let me know if you have any questions or comments. > > thanks > > Frank Kim (frank....@microsoft.com<mailto:frank....@microsoft.com>) > Sr. Escalation Engineer > Developer Tools - Windows SDK > > +1 (425) 538 0692 > Typical Hours - 8:30 - 17:30 > (UTC-08:00) Pacific Standard Time (US & Canada) Meeting and exceeding > your expectations are my top priorities. We are interested in any > feedback you might have about the service you received on this > incident. Please let my manager, John Hornick, know what you think of > the level of service provided; email > john.horn...@microsoft.com<mailto:john.horn...@microsoft.com>, or even > call 425-538-0721 > > > Dale Binder > Develop and Manage > Cyber Security Technology > Global Information Security > > Bank of America > 40 N Main Street > Dayton, OH 45423 > 937.938.1138 (work) > 937.438.3507 (cell) > [cid:image001.jpg@01CC42B3.9D534100] > > ---------------------------------------------------------------------- > This message, and any attachments, is for the intended recipient(s) only, may > contain information that is privileged, confidential and/or proprietary and > subject to important terms and conditions available at > http://www.bankofamerica.com/emaildisclaimer. If you are not the intended > recipient, please delete this message. ---------------------------------------------------------------------- This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
