Menu
Are there examples which show how Delphi invokes the Active Directory Kerberos server to request a ticket granting ticket / normal ticket?
Background: the ticket is required for authentification to a web service which exchanges confidential information.
Edit: a short source code example would be very helpful. I have found the JEDI Windows Security Code Library which is very impressing. I am not sure if it contains support for Kerberos.
865
If PAM is configured properly, a ticket is created automatically when you log in, and you need not do anything special to obtain a ticket. However, you might need to create a ticket if your ticket expires.
To view or delete Kerberos tickets you can use the Kerberos List (Klist.exe). The Klist.exe is a command-line tool you can find in the Kerberos resource kit. You can only use it to check and delete tickets from the current logon session. We recommend destroying your Kerberos tickets after your use.
Whenever you go to a service that uses Kerberos, you show that master ticket to the Kerberos server and get a ticket specifically for that service. Then, you show the ticket just for that service to the service to prove who you are. All of those tickets are stored on your local system in what is called a ticket cache.
In Kerberos authentication, a Ticket Granting Ticket (TGT) is a user authentication token issued by the Key Distribution Center (KDC) that is used to request access tokens from the Ticket Granting Service (TGS) for specific resources/systems joined to the domain.
According to this you should be able to get one with the InitializeSecurityContext windows API call.
130
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
