-
Type:
Task
-
Resolution: Won't Fix
-
Priority:
Major - P3
-
None
-
Affects Version/s: None
-
Component/s: kerberos
-
Environment:centos 7
-
Empty show more show less
Based on the following https://gist.github.com/pluma/67e4fb9e1c715ef1b96e3be582a0691b example, I'm trying to validate a kerberos ticket obtained from an I.E browser. However, I'm stuck at the initaliseServer step.
kerberos.initializeServer(`HTTPS@blueberries.example.org:358`, (err, server) => {
if (err) {
next(err);
console.error("initServer failed", err);
return;
}
const match = /^Negotiate (.+)$/.exec(req.get("authorization") || "");
if (!match) {
console.log("hello");
console.log("contextComplete", server.contextComplete);
console.log("targetName", server.targetName);
console.log("response", server.response);
res.status(401);
res.set("WWW-Authenticate", "Negotiate");
res.end();
return;
}
Sep 16 11:34:09 blueberries.example.org node[16654]: initServer failed [Error: Unspecified GSS failure. Minor code may provide more information: No key table entry found matching HTTPS/blueberries.example.org:358/example.org@]
When I look at my ketab using kinit the principal name is
HTTPS/blueberries.example.org:358/example.org@example.org.
I don't understand how the initializeServer finds the realm name. Perhaps my server config are incomplete or is there a way to set the realm in the kerberos.js lib?
- is duplicated by
-
NODE-2238 initializeServer is not implemented yet for Windows
-
- Backlog
-