interop - Java/C# Kerberos inter-op possible? -


I implemented a Kerberos server / client using sockets in Java, where the client sends their service-TGT to the server And the server knows that the client is authentic.

My main concern is that 'Man-in-the-Middle' attack can catch a TGT person, and pretend to be a customer

In pure Java implementation , This is not a problem, because the forward communication service is encrypted with session keys (GSSContext.wrap () / GSSContext.unwrap ()), which snapper does not have.

But the client application should be rewritten in C #.

I understand two of my options to keep the encrypted communication:

  1. Write your own wrap () and open () methods C #
  2. Use SSL / TLS.

Option 1 is possible before I see SSL as an option? Option 1 contains some heavy code porting, which may or may not have time for you.

"post-text" itemprop = "text">

Option 2 sounds good.

Option 3 That depends on your odds, use a private encrypted TCP channel, which should be faster than SSL / TLS, but as I said it may not be applicable. This session can use initial symmetric encryption by key (which is hidden)


Comments

Popular posts from this blog

MySql variables and php -

url rewriting - How to implement the returnurl like SO in PHP? -

Which Python client library should I use for CouchdB? -