Hello Ben, Thanks for your advice.
I understand it much better now. I'm getting a token back from the KDC - it's huge encrypted string. I need to incorporate that into my HTTP request. I'm thinking whether it I'll get through the authentication by adding this to HTTP header. The HTTP headers I looked at had :- Authorization: Basic <token> For example : Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1 Any ideas how I can do that ? Should I treat is as a string ? Thanks Imanuel. -----Original Message----- From: Benjamin Kaduk [mailto:ka...@mit.edu] Sent: 09 January 2018 00:15 To: Imanuel Greenfeld <imanuel.greenfe...@ntlworld.com> Cc: kerberos@mit.edu Subject: Re: krb5_verify_user On Mon, Jan 08, 2018 at 09:49:06PM +0000, Imanuel Greenfeld wrote: > Hello, > > > > Hope you're well. > > > > Happy new year. > > > > I am looking for krb5_verify_user function under krb5/krb5.h and in > fact anywhere but cannot find it. > > > > I know it's not recommended to use it with the password, but I want to > see if I can prove the point. > > > > I am therefore getting compilation error for the function needing a > prototype. > > > > I'm using 1.16 and also tried on 1.15.2 > > > > Any ideas please ? krb5_verify_user() is a function in the Heimdal implementation of Kerberos, but is not present in MIT krb5. Upon cursory examination, it seems that krb5_get_init_creds_password() and krb5_verify_init_creds() together might be a suitable replacement. Note that it requires the caller to have access to a service keytab (and the principal name must be specified if it is not host/<localhost>). -Ben ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
