Kerberos Class


The Kerberos class can be used to authenticate users using Kerberos 5.0.

Syntax

IPWorksAuthKerberos
IPWorksAuthKerberosSwift

Remarks

The Kerberos class implements the Kerberos protocol defined in RFC 1510 and RFC 4120. The class provides a simple interface to easily authenticate users.

Authentication

When Authenticate is called, the class will attempt to authenticate the user with the Key Distribution Center (KDC). The class will communicate with the KDCHost to obtain a service ticket and populate AuthToken. The following properties are required when calling this method:

A typical sequence of messages would be:

  • KRB_AS_REQ -> KDC
  • KRB_AS_REP <- KDC
  • KRB_TGS_REQ -> KDC
  • KRB_TGS_REP <- KDC
  • AuthToken is populated with the constructed KRB_AP_REP message.

Communication with the KDCHost can be seen through the PITrail event.
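
As an added example (not part of the product or its documentation), the Python code below classifies raw Kerberos packets by their outer ASN.1 APPLICATION tag as defined in RFC 4120, handling the 4-byte length prefix used over TCP, and checks a captured trace against the KDC portion of the sequence above. The function names and the stub packets are constructed for illustration, and no particular PITrail output format is assumed.

```python
import struct

# Outer APPLICATION tag numbers of Kerberos messages (RFC 4120, section 5).
MSG_TYPES = {10: "KRB_AS_REQ", 11: "KRB_AS_REP", 12: "KRB_TGS_REQ",
             13: "KRB_TGS_REP", 14: "KRB_AP_REQ", 15: "KRB_AP_REP",
             30: "KRB_ERROR"}
TYPICAL_KDC_EXCHANGE = ["KRB_AS_REQ", "KRB_AS_REP", "KRB_TGS_REQ", "KRB_TGS_REP"]

def message_type(packet: bytes, tcp: bool = False) -> str:
    """Return the Kerberos message name for one raw packet, or raise ValueError."""
    if tcp:
        # Over TCP each message is preceded by a 4-byte big-endian length.
        if len(packet) < 4:
            raise ValueError("truncated TCP length prefix")
        (declared,) = struct.unpack(">I", packet[:4])
        packet = packet[4:]
        if declared != len(packet):
            raise ValueError("TCP length prefix does not match payload")
    if len(packet) < 2:
        raise ValueError("packet too short")
    tag, first_len = packet[0], packet[1]
    # Expect class APPLICATION with the constructed bit set: 0b011xxxxx.
    if tag & 0xE0 != 0x60:
        raise ValueError("not an APPLICATION-tagged Kerberos message")
    # DER length: short form (< 0x80) or long form (0x80 | count of length bytes).
    if first_len < 0x80:
        body_len, header = first_len, 2
    else:
        n = first_len & 0x7F
        if n == 0 or len(packet) < 2 + n:
            raise ValueError("bad DER length")
        body_len, header = int.from_bytes(packet[2:2 + n], "big"), 2 + n
    if header + body_len != len(packet):
        raise ValueError("DER length does not cover the packet")
    name = MSG_TYPES.get(tag & 0x1F)
    if name is None:
        raise ValueError(f"unknown Kerberos message tag {tag & 0x1F}")
    return name

def review_trace(packets, tcp=False):
    """Classify a captured trace and say whether it is the typical KDC exchange."""
    names = [message_type(p, tcp) for p in packets]
    return names, names == TYPICAL_KDC_EXCHANGE

def stub(tag_number: int, tcp: bool = False) -> bytes:
    """Constructed sample: correct outer tag and length, placeholder body."""
    der = bytes([0x60 | tag_number, 0x02, 0x30, 0x00])
    return struct.pack(">I", len(der)) + der if tcp else der
```

A trace that contains KRB_ERROR (tag 30), for example when the KDC rejects the first KRB_AS_REQ, is reported as not matching the typical exchange, which is the point at which the raw packets are worth a closer look.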

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

- authToken: The authentication token.
- KDCHost: The domain name or IP address of the Key Distribution Center (KDC).
- KDCPort: The port for the Key Distribution Center (KDC).
- password: The user's password.
- SPN: The Service Principal Name (SPN).
- timeout: A timeout for the class.
- user: The name and domain of the user to authenticate.
- useTCP: Whether TCP is used when establishing the connection.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

- authenticate: Authenticates the user.
- config: Sets or retrieves a configuration setting.
- doEvents: Processes events from the internal message queue.
- interrupt: Interrupt the current method.
- reset: Resets the class properties to their default values.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

- onError: Information about errors during data delivery.
- onLog: Fires once for each log message.
- onPITrail: Traces the messages sent to the server, and the respective replies.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.

- CredentialsCacheFile: The credentials cache file.
- EncodeAuthToken: Whether to Base64 encode the AuthToken.
- EncryptionTypes: The encryption types used during authentication.
- KeytabFile: The Kerberos Keytab file.
- LogKerberosPackets: Whether to include the raw Kerberos packets in PITrail output.
- LogLevel: The level of detail that is logged.
- UsePlatformKerberosAPI: Whether to use the platform Kerberos API.
- CaptureIPPacketInfo: Used to capture the packet information.
- DestinationAddress: Used to get the destination address from the packet information.
- DontFragment: Used to set the Don't Fragment flag of outgoing packets.
- LocalHost: The name of the local host through which connections are initiated or accepted.
- LocalPort: The port in the local host where the class binds.
- MaxPacketSize: The maximum length of the packets that can be received.
- QOSDSCPValue: Used to specify an arbitrary QOS/DSCP setting (optional).
- QOSTrafficType: Used to specify QOS/DSCP settings (optional).
- ShareLocalPort: If set to True, allows more than one instance of the class to be active on the same local port.
- SourceIPAddress: Used to set the source IP address used when sending a packet.
- SourceMacAddress: Used to set the source MAC address used when sending a packet.
- UseConnection: Determines whether to use a connected socket.
- UseIPv6: Whether or not to use IPv6.
- AbsoluteTimeout: Determines whether timeouts are inactivity timeouts or absolute timeouts.
- FirewallData: Used to send extra data to the firewall.
- InBufferSize: The size in bytes of the incoming queue of the socket.
- OutBufferSize: The size in bytes of the outgoing queue of the socket.
- BuildInfo: Information about the product's build.
- CodePage: The system code page used for Unicode to Multibyte translations.
- LicenseInfo: Information about the current license.
- ProcessIdleEvents: Whether the class uses its internal event loop to process events when the main thread is idle.
- SelectWaitMillis: The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process.
- UseInternalSecurityAPI: Tells the class whether or not to use the system security libraries or an internal implementation.

Copyright (c) 2022 /n software inc. - All rights reserved.
IPWorks Auth 2020 iOS Edition - Version 20.0 [Build 8155]