The Kerberos class can be used to authenticate users using Kerberos 5.0.
The Kerberos class implements the Kerberos protocol defined in RFC 1510 and RFC 4120. The class provides a simple interface to easily authenticate users.
When Authenticate is called the class will attempt to authenticate the user with the Key Distribution Center (KDC). The class will communicate with the KDCHost to obtain a service ticket and populate AuthToken. The following properties are required when calling this method:
A typical sequence of messages would be:
- KRB_AS_REQ -> KDC
- KRB_AS_REP <- KDC
- KRB_TGS_REQ -> KDC
- KRB_TGS_REP <- KDC
- AuthToken is populated with the constructed KRB_AP_REP message.
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
|AuthToken||The authentication token.|
|KDCHost||The domain name or IP address of the Key Distribution Center (KDC).|
|KDCPort||The port for the Key Distribution Center (KDC).|
|Password||The user's password.|
|SPN||The Service Principal Name (SPN).|
|Timeout||A timeout for the class.|
|User||The name and domain of the user to authenticate.|
|UseTCP||Whether TCP is used when establishing the connection.|
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
|Authenticate||Authenticates the user.|
|Config||Sets or retrieves a configuration setting.|
|DoEvents||Processes events from the internal message queue.|
|Interrupt||Interrupt the current method.|
|Reset||Resets the class properties to their default values.|
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
|Error||Information about errors during data delivery.|
|Log||Fires once for each log message.|
|PITrail||Traces the messages sent to the server, and the respective replies.|
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
|CredentialsCacheFile||The credentials cache file.|
|EncodeAuthToken||Whether to Base64 encode the AuthToken.|
|EncryptionTypes||The encryption types used during authentication.|
|KeytabFile||The Kerberos Keytab file.|
|LogKerberosPackets||Whether to include the raw Kerberos packets in PITrail output.|
|LogLevel||The level of detail that is logged.|
|UsePlatformKerberosAPI||Whether to use the platform Kerberos API.|
|CaptureIPPacketInfo||Used to capture the packet information.|
|DestinationAddress||Used to get the destination address from the packet information.|
|DontFragment||Used to set the Don't Fragment flag of outgoing packets.|
|LocalHost||The name of the local host through which connections are initiated or accepted.|
|LocalPort||The port in the local host where the class binds.|
|MaxPacketSize||The maximum length of the packets that can be received.|
|QOSDSCPValue||Used to specify an arbitrary QOS/DSCP setting (optional).|
|QOSTrafficType||Used to specify QOS/DSCP settings (optional).|
|ShareLocalPort||If set to True, allows more than one instance of the class to be active on the same local port.|
|UseConnection||Determines whether to use a connected socket.|
|UseIPv6||Whether or not to use IPv6.|
|AbsoluteTimeout||Determines whether timeouts are inactivity timeouts or absolute timeouts.|
|FirewallData||Used to send extra data to the firewall.|
|InBufferSize||The size in bytes of the incoming queue of the socket.|
|OutBufferSize||The size in bytes of the outgoing queue of the socket.|
|BuildInfo||Information about the product's build.|
|CodePage||The system code page used for Unicode to Multibyte translations.|
|LicenseInfo||Information about the current license.|
|UseInternalSecurityAPI||Tells the class whether or not to use the system security libraries or an internal implementation.|