Kerberos Component
Properties Methods Events Configuration Settings Errors
The Kerberos component can be used to authenticate users using Kerberos 5.0.
Syntax
nsoftware.IPWorksAuth.Kerberos
Remarks
The Kerberos component implements the Kerberos protocol defined in RFC 1510 and RFC 4120. The component provides a simple interface to easily authenticate users.
Authentication
When Authenticate is called the component will attempt to authenticate the user with the Key Distribution Center (KDC). The component will communicate with the KDCHost to obtain a service ticket and populate AuthToken. The following properties are required when calling this method:
A typical sequence of messages would be:
- KRB_AS_REQ -> KDC
- KRB_AS_REP <- KDC
- KRB_TGS_REQ -> KDC
- KRB_TGS_REP <- KDC
- AuthToken is populated with the constructed KRB_AP_REP message.
Communication with the KDCHost can be seen through the PITrail event.
Property List
The following is the full list of the properties of the component with short descriptions. Click on the links for further details.
| AuthToken | The authentication token. |
| KDCHost | The domain name or IP address of the Key Distribution Center (KDC). |
| KDCPort | The port for the Key Distribution Center (KDC). |
| Password | The user's password. |
| SPN | The Service Principal Name (SPN). |
| Timeout | A timeout for the component. |
| User | The name and domain of the user to authenticate. |
Method List
The following is the full list of the methods of the component with short descriptions. Click on the links for further details.
| Authenticate | Authenticates the user. |
| Config | Sets or retrieves a configuration setting . |
| DoEvents | Processes events from the internal message queue. |
| Interrupt | Interrupt the current method. |
| Reset | Resets the component properties to their default values. |
Event List
The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.
| Error | Information about errors during data delivery. |
| PITrail | Traces the messages sent to the server, and the respective replies. |
Configuration Settings
The following is a list of configuration settings for the component with short descriptions. Click on the links for further details.
| EncodeAuthToken | Whether to Base64 encode the AuthToken. |
| EncryptionTypes | The encryption types used during authentication. |
| LogKerberosPackets | Whether to include the raw Kerberos packets in PITrail output. |
| UsePlatformKerberosAPI | Whether to use the platform Kerberos API. |
| CaptureIPPacketInfo | Used to capture the packet information. |
| DestinationAddress | Used to get the destination address from the packet information. |
| DontFragment | Used to set the Don't Fragment flag of outgoing packets. |
| LocalHost | The name of the local host through which connections are initiated or accepted. |
| LocalPort | The TCP port in the local host where the component binds. |
| MaxPacketSize | The maximum length of the packets that can be received. |
| ShareLocalPort | If set to True, allows more than one instance of the component to be active on the same local port. |
| UseConnection | Determines whether to use a connected socket. |
| QOSDSCPValue | Used to specify an arbitrary QOS/DSCP setting (optional). |
| QOSTrafficType | Used to specify QOS/DSCP settings (optional). |
| UseIPv6 | Whether or not to use IPv6. |
| AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
| FirewallData | Used to send extra data to the firewall. |
| InBufferSize | The size in bytes of the incoming queue of the socket. |
| OutBufferSize | The size in bytes of the outgoing queue of the socket. |
| CodePage | The system code page used for Unicode to Multibyte translations. |