Re: [Perlgssapi-users] gss_nt_service_name

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi, 

Finally, removing the flag, I'm able to use the serviceprincipal
ipmi/IT...@CE.... But I got a new error, and I think that is a 
GSSAPI problem. Let me reminder a little bit my app:

I'm developing a soap service. From the client (mitkerberos) I 
call two procedure (one for making mutual auth, and the other 
for doing the right operation, so two soap messages). 
I first call the procedure1(), i make an accept() on it, 
and I got the serviceticket back. After, I encapsulate the serviceticket
in the soap message and I call the procedure2, where I make another
accept(). If the server is Heimdal on debian, everything goes 
well. But if the server is Mit on RHEL, I got this error:

soap:Server, Security error: in retr_pass(): unable to accept security context   MAJOR::Miscellaneous failure
   MINOR::Request is a replay
        (in cleanup) oid has no value at /usr/lib/perl5/site_perl/5.8.5/SOAP/Lite.pm line 2557.

returning from procedure2(). So, the first accept() in procedure1 goes ok, 
I receive the serviceticket as:

mascanc@pcitadc05 ~/IPMIDEV/rpm/IPMItoolsuite-client-0.9.0/client $ klist
Ticket cache: FILE:/tmp/krb5cc_1001_I9DWU5
Default principal: ma...@CE...

Valid starting     Expires            Service principal
09/25/06 10:05:06  09/26/06 10:05:05  krbtgt/CE...@CE...
09/25/06 10:05:09  09/26/06 10:05:05  af...@CE...
09/25/06 10:29:11  09/26/06 10:05:05  ipmi/IT...@CE...

Kerberos 4 ticket cache: /tmp/tkt1001
klist: You have no tickets cached

but the second call to accept() in procedure2() returns error. 

Have you any ideas?

Thanks!

-- 
Massimiliano Masi

http://www.comunidelchianti.it/~max