X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2FREADME;h=3cb2d50230d49744f23fb3e5b973742fd036f292;hb=refs%2Fheads%2Fjson-name;hp=3e5e4ebcb8c4ce98d165c639044df63bba2d7297;hpb=74351f05b4a022742153663ad685dffb198ee619;p=moonshot.git diff --git a/mech_eap/README b/mech_eap/README index 3e5e4eb..3cb2d50 100644 --- a/mech_eap/README +++ b/mech_eap/README @@ -112,7 +112,8 @@ appropriately ( is the name of the host running the server, not the RADIUS server). % gss-client -port 5555 -spnego -mech "{1 3 6 1 4 1 5322 22 1 18}" \ - -user -pass host@ "Testing GSS EAP" + -user @ -pass host@ \ + "Testing GSS EAP" % gss-server -port 5555 -export host@ Note: for SASL you will be prompted for a username and password. @@ -131,3 +132,16 @@ To test fast reauthentication support, add the following to This will store a Kerberos ticket for a GSS-EAP authenticated user in a credentials cache, which can then be used for re-authentication to the same acceptor. You must have a valid keytab configured. + +In this testing phase of Moonshot, it's also possible to store a +default identity and credential in a file. The format consists of +the string representation of the initiator identity and the password, +separated by newlines. The default location of this file is +.gss_eap_id in the user's home directory, however the GSSEAP_IDENTITY +environment variable can be used to set an alternate location. + +You can also set a default realm in [appdefaults]; the Kerberos +default realm is never used by mech_eap (or at least, that is the +intention), so if unspecified you must always qualify names. It should +generally not be necessary to specify this. +