Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

Kerberos FAQ, v2.0 (last modified 8/18/2000)
Section - 4.7. "Illegal cross-realm ticket"

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Cities ]


Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 4.6. "Message stream modified"
Next Document: 4.8. "Couldn't authenticate to server: Bad sendauth version was sent"
See reader questions & answers on this topic! - Help others by sharing your knowledge
This means that you were using transitive cross-realm authentication and
that the authentication path wasn't valid.

Question 2.15 explains in greater detail how to configure transitive
cross-realm authentication. Note that currently you need to set up your
configuration file correctly on every application server, since currently it
is the application servers that enforce this restriction. In the next
version of the Kerberos protocol it will be possible to have the KDC do the
transitive realm check.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 4.6. "Message stream modified"
Next Document: 4.8. "Couldn't authenticate to server: Bad sendauth version was sent"

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
Ken Hornstein <kenh@cmf.nrl.navy.mil>





Last Update March 27 2014 @ 02:11 PM