Documentation ¶
Overview ¶
Package kerby is a cgo wrapper for Kerberos GSSAPI
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ServerPrincipalDetails ¶
Returns the service principal for the server given a service type and hostname. Adopted from PyKerberos.
Types ¶
type KerbClient ¶
type KerbClient struct {
// contains filtered or unexported fields
}
Kerberos GSSAPI Client
func (*KerbClient) Clean ¶
func (kc *KerbClient) Clean()
Destroys the context for GSSAPI client-side authentication. After this call the KerbClient.state object is invalid and should not be used again.
func (KerbClient) GssError ¶
func (kc KerbClient) GssError() error
Returns the last major/minor GSSAPI error messages
func (*KerbClient) Init ¶
func (kc *KerbClient) Init(srv, princ string) error
Initializes a context for Kerberos GSSAPI client-side authentication. KerbClient.Clean must be called after this function returns succesfully to dispose of the context once all GSSAPI operations are complete. srv is the service principal in the form "type@fqdn". princ is the client principal in the form "user@realm".
func (*KerbClient) Response ¶
func (kc *KerbClient) Response() string
Get the client response from the last successful GSSAPI client-side step.
func (*KerbClient) Step ¶
func (kc *KerbClient) Step(chlg string) error
Processes a single GSSAPI client-side step using the supplied server data.
type KerbServer ¶
type KerbServer struct {
// contains filtered or unexported fields
}
Kerberos GSSAPI Server
func (*KerbServer) Clean ¶
func (ks *KerbServer) Clean()
Destroys the context for GSSAPI server-side authentication. After this call the KerbServer.state object is invalid and should not be used again.
func (KerbServer) GssError ¶
func (ks KerbServer) GssError() error
Returns the last major/minor GSSAPI error messages
func (*KerbServer) Init ¶
func (ks *KerbServer) Init(srv string) error
Initializes a context for GSSAPI server-side authentication with the given service principal. KerbServer.Clean must be called after this function returns succesfully to dispose of the context once all GSSAPI operations are complete. srv is the service principal in the form "type@fqdn".
func (*KerbServer) Response ¶
func (ks *KerbServer) Response() string
Get the server response from the last successful GSSAPI server-side step.
func (*KerbServer) Step ¶
func (ks *KerbServer) Step(chlg string) error
Processes a single GSSAPI server-side step using the supplied client data.
func (*KerbServer) TargetName ¶
func (ks *KerbServer) TargetName() string
Get the target name if the server did not supply its own credentials. This method must only be called after KerbServer.Step returns a complete or continue response code.
func (*KerbServer) UserName ¶
func (ks *KerbServer) UserName() string
Get the user name of the principal trying to authenticate to the server. This method must only be called after KerbServer.Step returns a complete or continue response code.
Directories ¶
Path | Synopsis |
---|---|
cmd
|
|
kerby
This is an example implementation for client/server SPNEGO-based Kerberos HTTP authentication
|
This is an example implementation for client/server SPNEGO-based Kerberos HTTP authentication |
Package khttp is a transport that authenticates all outgoing requests using SPNEGO (negotiate authentication) http://tools.ietf.org/html/rfc4559.
|
Package khttp is a transport that authenticates all outgoing requests using SPNEGO (negotiate authentication) http://tools.ietf.org/html/rfc4559. |