Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
General
GeneralPortable MacsHardwareNetworking
Applications
Mac ApplicationsEudoraFirefox / MozillaInternet ExplorerOutlook ExpressMS OfficeEntourageExcelPowerPointWordVirtual PCMedia PlayerOther MS Products
Programming
Mac ProgrammingCodeWarriorPerl
Country Specific
Australian Mac GroupUK Mac Group

Mac Forum / Programming / Perl / May 2006


Tip: Looking for answers? Try searching our database.

Authen::Krb5 Help

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Dennis Putnam - 22 May 2006 14:49 GMT
I hope this is the appropriate form for this as I am trying to write  
a script that obtains a Kerberos ticket for my pop server. I am  
getting a Kerberos error from 'get_in_tkt_with_password'. The error  
is "No credentials cache found." My kdc log only shows 'badlogin'. My  
script is below. Can someone spot the error or at least point me to a  
more appropriate form? Thanks.

#!/usr/bin/perl -w
#
# Script that reads mail from the POP server to attach it to a case in
# aimaudit via web services to the imaging system.

use strict;
use Net::POP3;
use Authen::Krb5;

my $USERNAME="myusername";
my $PASSWORD="mypassword";
my $SERVICE="pop";
my $SERVER="popserver.mydomain.com";

my $ac=Authen::Krb5::init_context();
defined $ac or die "Fatal: Unable to establish Kerberos context\n";

my $clientp=Authen::Krb5::parse_name($USERNAME);
my $serverp=Authen::Krb5::sname_to_principal($SERVER,
$SERVICE,KRB5_NT_SRV_HST);
my $cc=Authen::Krb5::cc_default();

if (Authen::Krb5::get_in_tkt_with_password($clientp,$serverp,
$PASSWORD,$cc)) {
    print "Success!!!\n";
    my $sasl=new Authen::SASL(mechanism=> "GSSAPI SASL");
    my $pop=Net::POP3->new($SERVER)
        or die "Unable to connect to mail server: ",$!,"\n";
    if ($pop->auth($sasl) > 0) {
        my $messages=$pop->list()
            or die "Unable to get messages: ",$!,"\n";
    }
    else {
        print "Authentication failed: ",$!,"\n";
    }
}
else {
    print "Unable to get Kerberos ticket: ",Authen::Krb5::error(),"\n";
}

Authen::Krb5::free_context();

Dennis Putnam
Sr. IT Systems Administrator
AIM Systems, Inc.
11675 Rainwater Dr., Suite 200
Alpharetta, GA  30004
Phone: 678-240-4112
Main Phone: 678-297-0700
FAX: 678-297-2666 or 770-576-1000
The information contained in this e-mail and any attachments is  
strictly confidential. If you are not the intended recipient, any  
use, dissemination, distribution, or duplication of any part of this  
e-mail or any attachment is prohibited. If you are not the intended  
recipient, please notify the sender by return e-mail and delete all  
copies, including the attachments.
Reply to this Message
Sherm Pendley - 22 May 2006 18:48 GMT
> I hope this is the appropriate form for this as I am trying to  
> write a script that obtains a Kerberos ticket for my pop server. I  
[quoted text clipped - 24 lines]
> $SERVICE,KRB5_NT_SRV_HST);
> my $cc=Authen::Krb5::cc_default();

Have you tried creating a new credentials cache here, instead of  
using the default?

    my $cc = Authen::Krb5::Ccache::initialize($serverp);

sherm--

Cocoa programming in Perl: http://camelbones.sourceforge.net
Hire me! My resume: http://www.dot-app.org
Reply to this Message
Dennis Putnam - 22 May 2006 19:07 GMT
Thanks for the reply. I finally figured out what is happening but I  
don't know how to fix it. It seems that 'get_in_tkt_with_password'  
does not create a TGT first and without that it can't get a ticket.  
The question now becomes, what method in Authen::Krb5 obtains a TGT?  
It is not apparent from the POD (there is, 'build_principal_ext(p)'  
but that doesn't seem to work and the POD indicates it is legacy  
anyway) how to do that.

>> I hope this is the appropriate form for this as I am trying to  
>> write a script that obtains a Kerberos ticket for my pop server. I  
[quoted text clipped - 35 lines]
> Cocoa programming in Perl: http://camelbones.sourceforge.net
> Hire me! My resume: http://www.dot-app.org

Dennis Putnam
Sr. IT Systems Administrator
AIM Systems, Inc.
11675 Rainwater Dr., Suite 200
Alpharetta, GA  30004
Phone: 678-240-4112
Main Phone: 678-297-0700
FAX: 678-297-2666 or 770-576-1000
The information contained in this e-mail and any attachments is  
strictly confidential. If you are not the intended recipient, any  
use, dissemination, distribution, or duplication of any part of this  
e-mail or any attachment is prohibited. If you are not the intended  
recipient, please notify the sender by return e-mail and delete all  
copies, including the attachments.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.