The authentication service creates a TGT.
身份验证服务创建一个TGT。
The credentials for a user principal are always a TGT.
用户主体的凭证通常是TGT。
Obtain client authentication credential (TGT) using kinit
使用 kinit获得客户机身份验证凭证(TGT)
This message includes the targeted server name and the TGT.
此消息包含目标服务器名称和TGT。
Basically, TGT contains two parts illustrated below in Figure 4.
基本上,TGT包含两部分,如图4所示。
It retrieves the default TGT if the specified principal is null.
如果特定主体是空(null),它就获得缺省的TGT。
The classes represent a Kerberos TGT and a secret key, respectively.
这两个类分别代表了一个KerberosTGT和一个密钥。
The client has the valid TGT but cannot obtain the service ticket(TGS)
客户机拥有有效的TGT但不能获取服务票据(TGS)
For a service principal, it is usually a secret key but can also be a TGT.
对服务主体而言,它通常是密钥,但也可以是TGT。
Get the TGT containing session key for use with the authentication services.
获得包含供与身份验证服务器一同使用的会话密钥的tgt。
The user does not need to do anything after entering the password for the initial TGT.
用户在为初始的TGT输入密码之后就不需要做任何事情了。
Normally, a TGT is acquired for GSSAPI user principals and not service principals.
通常,TGT是为GSSAPI用户主体而不是为服务主体而获取的。
The objects to be added to Subject (principal, TGT, and skey) are from the login phase.
要加到Subject的对象(principal、tgt和skey)来自登录阶段。
A GSSAPI service principal may also initiate context, in which case it requires a TGT.
一个GSSAPI服务主体还可以初始化上下文,这时需要TGT。
That's why I'm going to omit the padata field from the TGT request that I'm going to generate.
因此我将在要生成的TGT请求中略去padata字段。
As discussed previously, other factors could be used as the basis for choosing the default TGT.
如前面所讨论的,其它因素可以用做选择缺省的TGT的依据。
Unlike Walmart, Target's (TGT) main appeal is a combination of low prices and designer brands.
与沃尔玛不同,塔吉特的主要吸引力在于低价格与设计师品牌相结合。
The TGT is required for the user principal to initiate GSSAPI context with one or more service principals.
TGT被要求用一个或多个服务主体来为用户主体初始化gssapi上下文。
Support default credentials; install the owner of the default TGT or secret key as the principal in the Subject.
支持缺省凭证;将缺省TGT或密钥的所有者作为主体安装在Subject里。
The login module can also use an existing TGT from a credentials cache or an existing secret key from a key table.
登录模块还可以使用一个来自凭证高速缓存的已存在的TGT或是来自密钥表的已存在的密钥。
The TGT contains the identity of the client, a randomly generated TGT session key and the lifetime of the TGT.
该TGT包含客户端的身份、一个随机生成的TGT会话密钥和TGT的有效期。
Recall from that discussion that a TGT request contains four data fields: pvno, msg-type, padata, and req-body.
回想在那里的讨论中,TGT请求包含四个数据字段:pvno、msg - type、padata和req - body。
This option can also be used to indicate that a default TGT cache should be used by specifying, for example, the value.
该选项还可以用于表明需要指定一个要使用的缺省TGT高速缓存,例如,的值。
This information is needed to acquire a TGT for a user principal or to create a secret key for a service principal.
在为用户主体获取tgt时或是为服务主体创建一个密钥时需要此信息。
In this scenario, the principal that is added to the Subject is the principal that owns the default TGT or service key.
在这种情况下,加给Subject的主体是有缺省TGT或密钥的主体。
By positioning the cursor over the icon, you can view the time left until the initial ticket-granting ticket (TGT) expires.
通过将光标移动到图标上方,可以看到初始票据授予票据(TGT)过期的剩余时间。
A client cannot get a TGT when the password is incorrect or there are Kerberos configuration errors in the client machine.
如果客户机机器上的密码错误或Kerberos配置错误,客户机就不能获得TGT。
The entity can reuse the TGT to get additional STs for use with SS without having to authenticate itself with AS once again.
实体能够重复使用TGT获取额外的ST以使用SS,无需再次使用AS验证自己。
I discussed the structure of a TGT request while discussing Figure 2, Listing 1, and Table 2 in the first article of this series.
在本系列的第一篇文章对图2、清单1和表2的讨论中我讨论过TGT请求的结构。
The login module can also support default principals, that is, using default TGT or secret key when no principal name is specified.
登录模块还支持缺省主体,即,在没有指明主体名时使用缺省的TGT或密钥。
应用推荐