Developer's Guide to Oracle® Solaris 11 Security

Exit Print View

Updated: July 2014

Running the GSSAPI Client Example

The gss-client example takes this form on the command line:

gss-client [–port port] [–d] [–mech mech] host service-name [–f] msg
  • port – The port number for making the connection to the remote machine that is specified by host.

  • –d flag – Causes security credentials to be delegated to the server. Specifically, the deleg-flag variable is set to the GSS-API value GSS_C_DELEG_FLAG. Otherwise, deleg-flag is set to zero.

  • mech – The name of the security mechanism, such as Kerberos v5 to be used. If no mechanism is specified, the GSS-API uses a default mechanism.

  • host – The name of the server.

  • service-name – The name of the network service requested by the client. Some typical examples are the telnet, ftp, and login services.

  • msg – The string to send to the server as protected data. If the –f option is specified, then msg is the name of a file from which to read the string.

A typical command line for client application program might look like the following example:

% gss-client -port 8080 -d -mech kerberos_v5 erebos.eng nfs "ls"

The following example does not specify a mechanism, port, or delegation:

% gss-client erebos.eng nfs "ls"