A GSSAPI principal requires credentials as proof of identity.
一个GSSAPI主体要求凭证作为身份的证据。
Normally, a TGT is acquired for GSSAPI user principals and not service principals.
通常,TGT是为GSSAPI用户主体而不是为服务主体而获取的。
A GSSAPI service principal may also initiate context, in which case it requires a TGT.
一个GSSAPI服务主体还可以初始化上下文,这时需要TGT。
Hence, a GSSAPI application must provide for credential acquisition before invoking GSSAPI.
因此,一个GSSAPI应用程序在调用GSSAPI之前必须提供凭证获取。
A service principal, on the other hand, requires just its secret key to accept GSSAPI contexts.
另一方面,一个服务主体所要求的仅是接受GSSAPI上下文的密钥。
A GSSAPI login interface is neither mandated by standards nor provided by typical implementations.
一个GSSAPI登录接口既不是由标准托管的,也不是由典型的实现提供的。
The TGT is required for the user principal to initiate GSSAPI context with one or more service principals.
TGT被要求用一个或多个服务主体来为用户主体初始化gssapi上下文。
Common authentication methods include password, public key, keyboard-interactive, GSSAPI, SecureID, and PAM.
常见的身份验证方法包括密码、公钥、键盘交互、GSSAPI、SecureID和PAM。
GSSAPI offers a standard generic interface through which a secure application can use multiple underlying security mechanisms.
GSSAPI提供了一个标准的通用接口,通过该接口安全应用程序可以使用多种底层的安全机制。
However, a Telnet program written to the GSSAPI interface can use Kerberos as well as other security mechanisms supported by GSSAPI.
然而,使用GSSAPI接口编写的Telnet程序不但可以使用Kerberos,还可以使用GSSAPI所支持的其它的安全机制。
GSSAPI specifications do not prescribe how a principal acquires credentials, and implementations typically do not provide such a feature.
GSSAPI规范没有指定主体是如何获取凭证的,而且实现典型的也没有提供这样的功能。
The main benefit of GSSAPI is that a secure application developed using GSSAPI can work over different security mechanisms without modification.
GSSAPI的主要的优点是:一个使用GSSAPI开发的安全应用程序无需修改就可以在不同的安全机制上工作。
GSSAPI lacks a login interface for acquiring credentials; it merely queries the underlying security mechanism for credentials for the calling principal.
GSSAPI缺少一个获取凭证的登录接口;它仅在底层的安全机制中查询调用主体的凭证。
The secret key of a service principal can be added to the JAAS Subject, furthering the objective of using the JAAS Subject as a central repository of GSSAPI credentials.
可把服务主体的密钥加给JAASSubject,强化将JAAS Subject用做一个GSSAPI凭证的中央资源库的目标。
The secret key of a service principal can be added to the JAAS Subject, furthering the objective of using the JAAS Subject as a central repository of GSSAPI credentials.
可把服务主体的密钥加给JAASSubject,强化将JAAS Subject用做一个GSSAPI凭证的中央资源库的目标。
应用推荐