[security-dev 00048]: Re: LSA ticket question
Max (Weijun) Wang
Weijun.Wang at Sun.COM
Mon Jan 14 14:14:25 UTC 2008
I have doubt. I find two kinds of struct for Kerberos ticket:
KERB_EXTERNAL_TICKET, and KERB_TICEKT_CACHE_INFO. The former include
an encoded form field, the later only name and flags etc. I can get
an KERB_TICEKT_CACHE_INFO object for the FORWARDED ticket, but cannot
find a way to convert it into KERB_EXTERNAL_TICKET.
Max
On Jan 14, 2008, at 10:07 PM, Andrew Fan wrote:
> Max (Weijun) Wang wrote:
>> Hi Andrew
>>
>> Want to confirm something with you: There are some kinds of
>> Kerberos tickets inside the LSA cache that you can never get the
>> encoded form, right?
>>
> I don't have any experience on this issue. But I think even if it
> is a ticket, so it is should encoded in standard format, that's the
> way the ticket exchanged among peers, I will try to look into it
> tomorrow or the day after tomorrow.
>
> Andrew
>> I've seen a ticket in kerbtray.exe that's flagged FORWARDED, but
>> never find out how to get its encoded form, therefore cannot use
>> it in Java.
>>
>> Thanks
>> Max
>>
>
More information about the security-dev
mailing list