Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
= Description This is Daniel Berger's custom implementation of the original krb5-auth library. = Requirements Kerberos 1.7.0 or later, including admin header and library files. = Synopsis require 'krb5_auth' # Get the default realm name krb5 = Krb5Auth::Krb5.new puts krb5.default_realm krb5.close # Get the default keytab name keytab = Krb5Auth::Krb5::Keytab.new puts keytab.default_name keytab.close # Set the password for a given principal kadm5 = Krb5Auth::Kadm5.new(:principal => 'foo/admin', :password => 'xxxx') kadm5.set_password('someuser', 'abc123') kadm5.close # Using the block form Krb5Auth::Kadm5.new(:principal => 'foo/admin', :password => 'xxxx') do |kadm5| p kadm5.get_principal('someuser') kadm5.set_password('someuser', 'abc123') end = Notes This fork heavily modifies the original krb5_auth library. Several new classes and methods have been added. Krb5Auth::Kadm5 Krb5Auth::Kadm5::Config Krb5Auth::Krb5::Keytab Krb5Auth::Krb5::KeytabEntry Krb5Auth::Krb5::CredentialsCache Krb5Auth::Krb5::Principal Krb5Auth::Krb5::Policy With this fork you can create and delete principals, set and reset passwords, set the default realm, and read keytab entries. The code layout has been heavily modified as well. This fork uses separate source files for each class, and uses rake-compiler to glue them all together into a single build. Lastly, this fork includes many more tests. = MIT vs Heimdal This code was written for the MIT Kerberos library. It has not been tested with the Heimdal Kerberos library. = TODO Replace Struct::Principal with a Principal class with its own methods. Create a separate class for the replay cache. Better credentials cache support. Ability to add and delete keytab entries. = CAVEATS OS X users will probably need to install Kerberos manually and specify the dir-config option because it ships with old Kerberos header files, and none of the admin headers or libraries by default. = Author Daniel Berger