cURL
Haxx ad
libcurl
Mailing Lists

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-users Archives

Re: negotiate authentication and credential delegation

From: Richard Silverman <res_at_qoxp.net>
Date: Fri, 12 Aug 2011 10:43:07 -0400 (EDT)

On Fri, 12 Aug 2011, y0ghur7 wrote:

> took me some time to get curl to compile, but credential delegation is back
> and it works. I don't know what "policy" is supposed to do, but in my case it
> does not delegate the client credentials (we use AD as kdc).

The "policy" option delegates if and only if the OK-AS-DELEGATE flag is
set in the Kerberos service ticket, which is a matter of realm policy.
The Windows KDCs set this flag for services whose domain account has the
option:

   "Trust this user for delegation to any service (Kerberos only)"

... set in the MMC AD Users and Computers GUI. 

-- 
   Richard
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2011-08-12

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET