Kerberos Class
Properties Methods Events Configuration Settings Errors
The Kerberos class can be used to authenticate users using Kerberos 5.0.
Syntax
IPWorksAuthKerberos
IPWorksAuthKerberosSwift
Remarks
The Kerberos class implements the Kerberos protocol defined in RFC 1510 and RFC 4120. The class provides a simple interface to easily authenticate users.
Authentication
When Authenticate is called the class will attempt to authenticate the user with the Key Distribution Center (KDC). The class will communicate with the KDCHost to obtain a service ticket and populate AuthToken. The following properties are required when calling this method:
A typical sequence of messages would be:
- KRB_AS_REQ -> KDC
- KRB_AS_REP <- KDC
- KRB_TGS_REQ -> KDC
- KRB_TGS_REP <- KDC
- AuthToken is populated with the constructed KRB_AP_REP message.
Communication with the KDCHost can be seen through the PITrail event.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
- authToken | The authentication token. |
- KDCHost | The domain name or IP address of the Key Distribution Center (KDC). |
- KDCPort | The port for the Key Distribution Center (KDC). |
- password | The user's password. |
- SPN | The Service Principal Name (SPN). |
- timeout | A timeout for the class. |
- user | The name and domain of the user to authenticate. |
- useTCP | Whether TCP is used when establishing the connection. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
- authenticate | Authenticates the user. |
- config | Sets or retrieves a configuration setting. |
- doEvents | Processes events from the internal message queue. |
- interrupt | Interrupt the current method. |
- reset | Resets the class properties to their default values. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
- onError | Information about errors during data delivery. |
- onLog | Fires once for each log message. |
- onPITrail | Traces the messages sent to the server, and the respective replies. |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
CredentialsCacheFile | The credentials cache file. |
EncodeAuthToken | Whether to Base64 encode the AuthToken. |
EncryptionTypes | The encryption types used during authentication. |
KeytabFile | The Kerberos Keytab file. |
LogKerberosPackets | Whether to include the raw Kerberos packets in PITrail output. |
LogLevel | The level of detail that is logged. |
UsePlatformKerberosAPI | Whether to use the platform Kerberos API. |
CaptureIPPacketInfo | Used to capture the packet information. |
DestinationAddress | Used to get the destination address from the packet information. |
DontFragment | Used to set the Don't Fragment flag of outgoing packets. |
LocalHost | The name of the local host through which connections are initiated or accepted. |
LocalPort | The port in the local host where the class binds. |
MaxPacketSize | The maximum length of the packets that can be received. |
QOSDSCPValue | Used to specify an arbitrary QOS/DSCP setting (optional). |
QOSTrafficType | Used to specify QOS/DSCP settings (optional). |
ShareLocalPort | If set to True, allows more than one instance of the class to be active on the same local port. |
SourceIPAddress | Used to set the source IP address used when sending a packet. |
SourceMacAddress | Used to set the source MAC address used when sending a packet. |
UseConnection | Determines whether to use a connected socket. |
UseIPv6 | Whether or not to use IPv6. |
AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
FirewallData | Used to send extra data to the firewall. |
InBufferSize | The size in bytes of the incoming queue of the socket. |
OutBufferSize | The size in bytes of the outgoing queue of the socket. |
BuildInfo | Information about the product's build. |
CodePage | The system code page used for Unicode to Multibyte translations. |
LicenseInfo | Information about the current license. |
ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
UseInternalSecurityAPI | Tells the class whether or not to use the system security libraries or an internal implementation. |